CVE Alert: CVE-2025-48703 – centos-webpanel – CentOS Web Panel
CVE-2025-48703 CRITICALExploitation active CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote code execution via...
CVE Alert: CVE-2025-11371 – Gladinet – CentreStack and TrioFox
CVE-2025-11371 UnknownExploitation active In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File...
[QILIN] – Ransomware Victim: Prova
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[COINBASECARTEL] – Ransomware Victim: Property Finder / PropSpace
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: MS Metal Solutions
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: Elliott Tax Service
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[RHYSIDA] – Ransomware Victim: Automated Logistics Systems
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: Benda Grace Stulz
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: Palacios Marine & Industrial
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: General Micro Systems
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[RHYSIDA] – Ransomware Victim: Invacare
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[SPACEBEARS] – Ransomware Victim: Rios Espinosa
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
[DEVMAN] – Ransomware Victim: www[.]heitech[.]com[.]my
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal...
BugCrowd Bug Bounty Disclosure: P5 – Session ID Disclosure via Referer Header to Third-Party Domains (nspires.nasaprs.com) – madhu873
Session ID Disclosure via Referer Header to Third-Party Domains (nspires.nasaprs.com) Session ID Disclosure via Referer Header to Third-Party Domains (nspires.nasaprs.com)...
CVE Alert: CVE-2025-11733 – lumiblog – Footnotes Made Easy
CVE-2025-11733 HIGHNo exploitation known The Footnotes Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings...
CVE Alert: CVE-2025-11724 – erinmorelli – EM Beer Manager
CVE-2025-11724 HIGHNo exploitation known The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote...
CVE Alert: CVE-2025-10896 – litonice13 – Master Blocks – Ultimate Gutenberg Blocks for Marketers
CVE-2025-10896 HIGHNo exploitation known Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to Unrestricted Upload...
CVE Alert: CVE-2025-11890 – beycanpress – Crypto Payment Gateway with Payeer for WooCommerce
CVE-2025-11890 HIGHNo exploitation known The Crypto Payment Gateway with Payeer for WooCommerce plugin for WordPress is vulnerable to payment bypass...
CVE Alert: CVE-2025-11704 – impacttechlab – Elegance Menu
CVE-2025-11704 HIGHNo exploitation known The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
CVE Alert: CVE-2025-47360 – Qualcomm, Inc. – Snapdragon
CVE-2025-47360 HIGHNo exploitation known Memory corruption while processing client message during device management. CVSS v3.1 (7.8) AV LOCAL · AC...
CVE Alert: CVE-2025-47368 – Qualcomm, Inc. – Snapdragon
CVE-2025-47368 HIGHNo exploitation known Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing....
CVE Alert: CVE-2025-47367 – Qualcomm, Inc. – Snapdragon
CVE-2025-47367 HIGHNo exploitation known Memory corruption while accessing a buffer during IOCTL processing. CVSS v3.1 (7.8) AV LOCAL · AC...
CVE Alert: CVE-2025-47365 – Qualcomm, Inc. – Snapdragon
CVE-2025-47365 HIGHNo exploitation known Memory corruption while processing large input data from a remote source via a communication interface. CVSS...
CVE Alert: CVE-2025-47361 – Qualcomm, Inc. – Snapdragon
CVE-2025-47361 HIGHNo exploitation known Memory corruption when triggering a subsystem crash with an out-of-range identifier. CVSS v3.1 (7.8) AV LOCAL...
