CVE Alert: CVE-2025-50869
Vulnerability Summary: CVE-2025-50869 A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0, where the input...
CVE Alert: CVE-2025-50870
Vulnerability Summary: CVE-2025-50870 Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts...
CVE Alert: CVE-2025-50868
Vulnerability Summary: CVE-2025-50868 A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP-Project 1.0. The Q4 POST parameter is...
[LYNX] – Ransomware Victim: www[.]pefco[.]com
Ransomware Group: LYNX VICTIM NAME: wwwpefcocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RHYSIDA] – Ransomware Victim: Cookeville Regional Medical Center
Ransomware Group: RHYSIDA VICTIM NAME: Cookeville Regional Medical Center NOTE: No files or stolen information are by RedPacket Security. Any...
[MEDUSA] – Ransomware Victim: White Coffee Corporation
Ransomware Group: MEDUSA VICTIM NAME: White Coffee Corporation NOTE: No files or stolen information are by RedPacket Security. Any legal...
[MEDUSA] – Ransomware Victim: Franklin Pierce Schools
Ransomware Group: MEDUSA VICTIM NAME: Franklin Pierce Schools NOTE: No files or stolen information are by RedPacket Security. Any legal...
CVE Alert: CVE-2025-54564
Vulnerability Summary: CVE-2025-54564 uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows...
CVE Alert: CVE-2025-54574
Vulnerability Summary: CVE-2025-54574 Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to...
CVE Alert: CVE-2025-6014
Vulnerability Summary: CVE-2025-6014 Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within...
CVE Alert: CVE-2025-6011
Vulnerability Summary: CVE-2025-6011 A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to...
CVE Alert: CVE-2025-6004
Vulnerability Summary: CVE-2025-6004 Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods....
CVE Alert: CVE-2025-6000
Vulnerability Summary: CVE-2025-6000 A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution...
CVE Alert: CVE-2025-8475
Vulnerability Summary: CVE-2025-8475 Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE Alert: CVE-2025-5999
Vulnerability Summary: CVE-2025-5999 A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own...
CVE Alert: CVE-2025-8474
Vulnerability Summary: CVE-2025-8474 Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows physically present attackers to execute...
CVE Alert: CVE-2025-8473
Vulnerability Summary: CVE-2025-8473 Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on...
CVE Alert: CVE-2025-8480
Vulnerability Summary: CVE-2025-8480 Alpine iLX-507 Command Injection Remote Code Execution. This vulnerability allows network-adjacent attackers to execute arbitrary code on...
CVE Alert: CVE-2025-8477
Vulnerability Summary: CVE-2025-8477 Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to...
CVE Alert: CVE-2025-6037
Vulnerability Summary: CVE-2025-6037 Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured...
CVE Alert: CVE-2025-6015
Vulnerability Summary: CVE-2025-6015 Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be...
CVE Alert: CVE-2025-8472
Vulnerability Summary: CVE-2025-8472 Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to...
CVE Alert: CVE-2025-8476
Vulnerability Summary: CVE-2025-8476 Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on...
CVE Alert: CVE-2025-54424
Vulnerability Summary: CVE-2025-54424 1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on...
