Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info aapanel--aapanel WP Toolkit The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for…
CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info Radiflow--iSAP Smart Collector The device has two web servers that expose unauthenticated REST APIs on the management network (TCP…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info ABB--RMC-100 Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the…
