CyberAlerts

CVE-2025-21479

🚨 Marked as known exploited on June 3rd, 2025 (1 day ago).

Description: Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

CVSS: HIGH (8.6)

EPSS Score: 0.02%

Source: CVE

June 3rd, 2025 (1 day ago)

Google Patches Actively Exploited Zero-Day in Chrome’s V8 Engine

🚨 Marked as known exploited on June 3rd, 2025 (1 day ago).

Description: Google has released a security update for Chrome desktop, addressing three vulnerabilities, including a critical zero-day flaw in the V8 JavaScript engine that attackers are actively exploiting. The patch, now rolling out to Windows, Mac, and Linux users via version 137.0.7151.68/.69, aims to protect millions of Chrome users from potential heap corruption attacks. The zero-day, … The post Google Patches Actively Exploited Zero-Day in Chrome’s V8 Engine appeared first on CyberInsider.

Source: CyberInsider

June 3rd, 2025 (1 day ago)

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

🚨 Marked as known exploited on June 3rd, 2025 (1 day ago).

Description: Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild. The high-severity flaw is being tracked as CVE-2025-5419, and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine. "Out of bounds read and write in V8 in Google

EPSS Score: 0.07%

Source: TheHackerNews

June 3rd, 2025 (1 day ago)

CVE-2025-5419

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a...

🚨 Marked as known exploited on June 3rd, 2025 (1 day ago).

Description: Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

EPSS Score: 0.07%

Source: CVE

June 3rd, 2025 (2 days ago)

Android Fixes Actively Exploited Zero-Days in Qualcomm Components

🚨 Marked as known exploited on June 2nd, 2025 (2 days ago).

Description: Google has released its June 2025 Android Security Bulletin, patching multiple high-severity vulnerabilities, including three critical Qualcomm zero-days that were confirmed to be under active, targeted exploitation. According to Qualcomm’s security bulletin, the actively exploited vulnerabilities, CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038, affect Adreno GPU drivers. These flaws allow unauthorized command execution or memory corruption through specific … The post Android Fixes Actively Exploited Zero-Days in Qualcomm Components appeared first on CyberInsider.

CVSS: HIGH (8.6)

EPSS Score: 0.02%

Source: CyberInsider

June 2nd, 2025 (2 days ago)

CVE-2021-32030

CISA Adds Five Known Exploited Vulnerabilities to Catalog

🚨 Marked as known exploited on June 2nd, 2025 (2 days ago).

Description: CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-32030 ASUS Routers Improper Authentication Vulnerability CVE-2023-39780 ASUS RT-AX55 Routers OS Command Injection Vulnerability CVE-2024-56145 Craft CMS Code Injection Vulnerability CVE-2025-3935 ConnectWise ScreenConnect Improper Authentication Vulnerability CVE-2025-35939 Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. Please share your thoughts with us thro...

CVSS: CRITICAL (9.8)

Source: All CISA Advisories

June 2nd, 2025 (2 days ago)

Frequently Asked Questions About BadSuccessor

🚨 Marked as known exploited on June 2nd, 2025 (2 days ago).

Description: Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller.BackgroundTenable’s Research Special Operations (RSO) and the Identity Content team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed zero-day in Active Directory called BadSuccessor.FAQWhat is BadSuccessor?BadSuccessor is the name of a zero-day privilege escalation vulnerability in Active Directory that was discovered and disclosed by Yuval Gordon, a security researcher at Akamai.According to Gordon, the flaw exists in delegated Managed Service Accounts (dMSAs), a service account type in Active Directory (AD) that was introduced in Windows Server 2025 to enable the migration of non-managed service accounts.What are the vulnerabilities associated with BadSuccessor?As of June 2, Microsoft had not assigned a CVE identifier for BadSuccessor. Microsoft is the CVE Numbering Authority (CNA) for its products. Since there are currently no patches available for BadSuccessor, no CVE has been assigned. If Microsoft does assign a CVE alongside patches for it, we will update this blog accordingly.How is BadSuccessor exploited?To exploit BadSuccessor, an attacker needs to be able to access a user account with specific permissions in AD, and at least one domain controller in the domain needs to be running Windows Server 2025.Based on Akamai’s research, even if an AD do...

Source: Tenable Blog

June 2nd, 2025 (2 days ago)

Qualcomm fixes three Adreno GPU zero-days exploited in attacks

🚨 Marked as known exploited on June 2nd, 2025 (2 days ago).

Description: Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks. [...]

Source: BleepingComputer

June 2nd, 2025 (2 days ago)

Nuclei Templates Monthly - May 2025

🚨 Marked as known exploited on May 31st, 2025 (4 days ago).

Description: Summary of Releases v10.2.1 & v10.2.2 This month, we've released two new versions of Nuclei Templates, which introduce numerous improvements and new templates for Nuclei users. Here are some highlighted stats from the combined releases: 🎉 106 new templates added 🔥 57 new CVEs covered 🛡️ 10 actively exploited KEVs included 🚀 11 first-time contributions 💰 Template Reward program launched Introduction The Nuclei Templates v10.2.1 and v10.2.2 were released earlier this Month, introducing

Source: ProjectDiscovery Blog

May 31st, 2025 (4 days ago)

Hackers are exploiting critical flaw in vBulletin forum software

🚨 Marked as known exploited on May 30th, 2025 (5 days ago).

Description: Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. [...]

Source: BleepingComputer

May 30th, 2025 (5 days ago)

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-21479	Incorrect Authorization in Graphics 🚨 Marked as known exploited on June 3rd, 2025 (1 day ago). Description: Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. CVSS: HIGH (8.6) EPSS Score: 0.02% Source: CVE June 3rd, 2025 (1 day ago)
	Google Patches Actively Exploited Zero-Day in Chrome’s V8 Engine 🚨 Marked as known exploited on June 3rd, 2025 (1 day ago). Description: Google has released a security update for Chrome desktop, addressing three vulnerabilities, including a critical zero-day flaw in the V8 JavaScript engine that attackers are actively exploiting. The patch, now rolling out to Windows, Mac, and Linux users via version 137.0.7151.68/.69, aims to protect millions of Chrome users from potential heap corruption attacks. The zero-day, … The post Google Patches Actively Exploited Zero-Day in Chrome’s V8 Engine appeared first on CyberInsider. Source: CyberInsider June 3rd, 2025 (1 day ago)
	New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch 🚨 Marked as known exploited on June 3rd, 2025 (1 day ago). Description: Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild. The high-severity flaw is being tracked as CVE-2025-5419, and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine. "Out of bounds read and write in V8 in Google EPSS Score: 0.07% Source: TheHackerNews June 3rd, 2025 (1 day ago)
CVE-2025-5419	Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a... 🚨 Marked as known exploited on June 3rd, 2025 (1 day ago). Description: Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) EPSS Score: 0.07% Source: CVE June 3rd, 2025 (2 days ago)
	Android Fixes Actively Exploited Zero-Days in Qualcomm Components 🚨 Marked as known exploited on June 2nd, 2025 (2 days ago). Description: Google has released its June 2025 Android Security Bulletin, patching multiple high-severity vulnerabilities, including three critical Qualcomm zero-days that were confirmed to be under active, targeted exploitation. According to Qualcomm’s security bulletin, the actively exploited vulnerabilities, CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038, affect Adreno GPU drivers. These flaws allow unauthorized command execution or memory corruption through specific … The post Android Fixes Actively Exploited Zero-Days in Qualcomm Components appeared first on CyberInsider. CVSS: HIGH (8.6) EPSS Score: 0.02% Source: CyberInsider June 2nd, 2025 (2 days ago)
CVE-2021-32030	CISA Adds Five Known Exploited Vulnerabilities to Catalog 🚨 Marked as known exploited on June 2nd, 2025 (2 days ago). Description: CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-32030 ASUS Routers Improper Authentication Vulnerability CVE-2023-39780 ASUS RT-AX55 Routers OS Command Injection Vulnerability CVE-2024-56145 Craft CMS Code Injection Vulnerability CVE-2025-3935 ConnectWise ScreenConnect Improper Authentication Vulnerability CVE-2025-35939 Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. Please share your thoughts with us thro... CVSS: CRITICAL (9.8) Source: All CISA Advisories June 2nd, 2025 (2 days ago)
	Frequently Asked Questions About BadSuccessor 🚨 Marked as known exploited on June 2nd, 2025 (2 days ago). Description: Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller.BackgroundTenable’s Research Special Operations (RSO) and the Identity Content team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed zero-day in Active Directory called BadSuccessor.FAQWhat is BadSuccessor?BadSuccessor is the name of a zero-day privilege escalation vulnerability in Active Directory that was discovered and disclosed by Yuval Gordon, a security researcher at Akamai.According to Gordon, the flaw exists in delegated Managed Service Accounts (dMSAs), a service account type in Active Directory (AD) that was introduced in Windows Server 2025 to enable the migration of non-managed service accounts.What are the vulnerabilities associated with BadSuccessor?As of June 2, Microsoft had not assigned a CVE identifier for BadSuccessor. Microsoft is the CVE Numbering Authority (CNA) for its products. Since there are currently no patches available for BadSuccessor, no CVE has been assigned. If Microsoft does assign a CVE alongside patches for it, we will update this blog accordingly.How is BadSuccessor exploited?To exploit BadSuccessor, an attacker needs to be able to access a user account with specific permissions in AD, and at least one domain controller in the domain needs to be running Windows Server 2025.Based on Akamai’s research, even if an AD do... Source: Tenable Blog June 2nd, 2025 (2 days ago)
	Qualcomm fixes three Adreno GPU zero-days exploited in attacks 🚨 Marked as known exploited on June 2nd, 2025 (2 days ago). Description: Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks. [...] Source: BleepingComputer June 2nd, 2025 (2 days ago)
	Nuclei Templates Monthly - May 2025 🚨 Marked as known exploited on May 31st, 2025 (4 days ago). Description: Summary of Releases v10.2.1 & v10.2.2 This month, we've released two new versions of Nuclei Templates, which introduce numerous improvements and new templates for Nuclei users. Here are some highlighted stats from the combined releases: 🎉 106 new templates added 🔥 57 new CVEs covered 🛡️ 10 actively exploited KEVs included 🚀 11 first-time contributions 💰 Template Reward program launched Introduction The Nuclei Templates v10.2.1 and v10.2.2 were released earlier this Month, introducing Source: ProjectDiscovery Blog May 31st, 2025 (4 days ago)
	Hackers are exploiting critical flaw in vBulletin forum software 🚨 Marked as known exploited on May 30th, 2025 (5 days ago). Description: Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. [...] Source: BleepingComputer May 30th, 2025 (5 days ago)