CVE Alert: CVE-2025-26569
Vulnerability Summary: CVE-2025-26569 Cross-Site Request Forgery (CSRF) vulnerability in callmeforsox Post Thumbs allows Stored XSS. This issue affects Post Thumbs:...
Month: February 2025
CVE Alert: CVE-2025-26571
Vulnerability Summary: CVE-2025-26571 Cross-Site Request Forgery (CSRF) vulnerability in wibiya Wibiya Toolbar allows Cross Site Request Forgery. This issue affects...
CVE Alert: CVE-2025-26570
Vulnerability Summary: CVE-2025-26570 Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That allows Cross Site Request Forgery. This issue affects...
CVE Alert: CVE-2025-24903
Vulnerability Summary: CVE-2025-24903 libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with...
CVE Alert: CVE-2024-12013
Vulnerability Summary: CVE-2024-12013 A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h....
CVE Alert: CVE-2025-26580
Vulnerability Summary: CVE-2025-26580 Cross-Site Request Forgery (CSRF) vulnerability in CompleteWebResources Page/Post Specific Social Share Buttons allows Stored XSS. This issue...
CVE Alert: CVE-2024-12012
Vulnerability Summary: CVE-2024-12012 A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP...
CVE Alert: CVE-2024-12011
Vulnerability Summary: CVE-2024-12011 A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information...
[EMBARGO] – Ransomware Victim: Heritage South Credit Union
Ransomware Group: EMBARGO VICTIM NAME: Heritage South Credit Union NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Primaveras
Ransomware Group: AKIRA VICTIM NAME: Primaveras NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: Nelson & Townsend, CPA’s
Ransomware Group: AKIRA VICTIM NAME: Nelson & Townsend, CPA's NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Window World of Raleigh
Ransomware Group: AKIRA VICTIM NAME: Window World of Raleigh NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Castle Rock Construction Company
Ransomware Group: AKIRA VICTIM NAME: Castle Rock Construction Company NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Genus
Ransomware Group: AKIRA VICTIM NAME: Genus NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-24904
Vulnerability Summary: CVE-2025-24904 libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with...
CVE Alert: CVE-2025-25899
Vulnerability Summary: CVE-2025-25899 A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter at /userRpm/WanDynamicIpV6CfgRpm.htm. This...
CVE Alert: CVE-2025-22480
Vulnerability Summary: CVE-2025-22480 Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker...
CVE Alert: CVE-2025-25287
Vulnerability Summary: CVE-2025-25287 Lakeus is a simple skin made for MediaWiki. Starting in version 1.8.0 and prior to versions 1.3.1+REL1.39,...
CVE Alert: CVE-2025-0426
Vulnerability Summary: CVE-2025-0426 A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to...
CVE Alert: CVE-2025-26511
Vulnerability Summary: CVE-2025-26511 Systems running the Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0 through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0,...
CVE Alert: CVE-2025-25900
Vulnerability Summary: CVE-2025-25900 A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at...
CVE Alert: CVE-2025-24888
Vulnerability Summary: CVE-2025-24888 The SecureDrop Client is a desktop application for journalists to communicate with sources and work with submissions...
CVE Alert: CVE-2025-25388
Vulnerability Summary: CVE-2025-25388 A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote...
CVE Alert: CVE-2025-24889
Vulnerability Summary: CVE-2025-24889 The SecureDrop Client is a desktop application for journalists to communicate with sources and work with submissions...
