CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

🚨 Marked as known exploited on May 23rd, 2025 (29 days ago).
Description: Learn about CVE-2025-3248 affecting Langflow. Patch now to prevent remote code execution.

CVSS: CRITICAL (9.8)

Source: RecordedFuture
May 23rd, 2025 (29 days ago)
🚨 Marked as known exploited on May 23rd, 2025 (29 days ago).
Description: Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware campaign targeting critical infrastructure orgs. And get the latest on Russian cyber espionage and on a NIST effort to enhance vulnerability prioritization. Dive into five things that are top of mind for the week ending May 23. 1 - Cyber agencies offer AI data security best practices. With organizations gleefully deploying artificial intelligence (AI) tools to enhance their operations, cybersecurity teams face the critical task of securing AI data. If your organization is looking for guidance on how to protect the data used in AI systems, check out new best practices released this week by cyber agencies from Australia, New Zealand, the U.K. and the U.S. “This guidance is intended primarily for organizations using AI systems in their operations, with a focus on protecting sensitive, proprietary or mission-critical data,” reads the document titled “AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems.” “The principles outlined in this information sheet provide a robust foundation for securing AI data and ensuring the reliability and accuracy of AI-driven outcomes,” it adds. By drafting this guidance, the authoring agencies seek to accomplish three goals: Create awareness about data security risks involved in developing, testing and deploying AI systems. Offer bes...
Source: Tenable Blog
May 23rd, 2025 (29 days ago)

CVE-2025-37922

🚨 Marked as known exploited on May 20th, 2025 (about 1 month ago).
Description: In the Linux kernel, the following vulnerability has been resolved: book3s64/radix : Align section vmemmap start address to PAGE_SIZE A vmemmap altmap is a device-provided region used to provide backing storage for struct pages. For each namespace, the altmap should belong to that same namespace. If the namespaces are created unaligned, there is a chance that the section vmemmap start address could also be unaligned. If the section vmemmap start address is unaligned, the altmap page allocated from the current namespace might be used by the previous namespace also. During the free operation, since the altmap is shared between two namespaces, the previous namespace may detect that the page does not belong to its altmap and incorrectly assume that the page is a normal page. It then attempts to free the normal page, which leads to a kernel crash.

EPSS Score: 0.02%

Source: CVE
May 20th, 2025 (about 1 month ago)

CVE-2024-11182

🚨 Marked as known exploited on May 19th, 2025 (about 1 month ago).
Description: An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window.

CVSS: MEDIUM (6.1)

EPSS Score: 26.79%

SSVC Exploitation: active

Source: CVE
May 19th, 2025 (about 1 month ago)

CVE-2025-4427

🚨 Marked as known exploited on May 19th, 2025 (about 1 month ago).
Description: CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2025-4427 Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability; CVE-2025-4428 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability; CVE-2024-11182 MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability; CVE-2025-27920 Srimax Output Messenger Directory Traversal Vulnerability; CVE-2024-27443 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability; CVE-2023-38950 ZKTeco BioTime Path Traversal Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management p...

CVSS: MEDIUM (5.3)

EPSS Score: 82.26%

Source: All CISA Advisories
May 19th, 2025 (about 1 month ago)
🚨 Marked as known exploited on May 16th, 2025 (about 1 month ago).
Description: Two critical Ivanti zero-days (CVE-2025-4427 and CVE-2025-4428) are now being actively exploited after a surge in scanning activity last month. When chained together, these vulnerabilities enable unauthenticated remote code execution on Ivanti Endpoint Manager Mobile systems.

CVSS: MEDIUM (5.3)

EPSS Score: 82.26%

Source: GreyNoise
May 16th, 2025 (about 1 month ago)
🚨 Marked as known exploited on May 16th, 2025 (about 1 month ago).
Description: On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. [...]
Source: BleepingComputer
May 16th, 2025 (about 1 month ago)

CVE-2024-23660

🚨 Marked as known exploited on May 15th, 2025 (about 1 month ago).
Description: The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 2023. An attacker can systematically generate mnemonics for each timestamp within an applicable timeframe, and link them to specific wallet addresses in order to steal funds from those wallets.

EPSS Score: 0.16%

SSVC Exploitation: poc

Source: CVE
May 15th, 2025 (about 1 month ago)
🚨 Marked as known exploited on May 15th, 2025 (about 1 month ago).
Description: Google has issued a security update for Chrome's Stable channel, addressing a high-severity vulnerability in Chrome's Loader component that has been actively exploited in the wild. The flaw, tracked under CVE-2025-4664, was publicly disclosed by security researcher ‘@slonser_’ on May 5, 2025, through a series of technical posts on X. The exploit technique, which was …

CVSS: MEDIUM (4.3)

EPSS Score: 0.06%

Source: CyberInsider
May 15th, 2025 (about 1 month ago)
🚨 Marked as known exploited on May 14th, 2025 (about 1 month ago).
Description: The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against "a very limited number of customers" — for now — and stem from open source libraries.
Source: Dark Reading
May 14th, 2025 (about 1 month ago)