CVE-2025-11934 - Downgrade Risk in wolfSSL’s TLS 1.3 CertificateVerify Signature Algorithm — Explained
When relying on encrypted connections, most of us trust that a modern library like wolfSSL keeps our data private and secure. But with CVE-2025-11934, a
CVE-2025-11932 - How a Non-Constant Time PSK Binder Leak Can Break Your TLS 1.3 Security
CVE-2025-11932 is a newly disclosed vulnerability affecting certain TLS 1.3 server implementations. The issue? The server used a non-constant time method to verify the
CVE-2025-12888 - Timing Attack Found in X25519 Crypto Implementations on Xtensa-based ESP32 Chips
*Published: July 2024*
A serious vulnerability, CVE-2025-12888, has been identified in the way X25519 cryptographic key exchange is implemented on Xtensa-based chips (notably the popular
CVE-2025-11933 - How Improper Input Validation in wolfSSL’s TLS 1.3 CKS Extension Can Cause DoS
A new vulnerability, CVE-2025-11933, has been discovered in wolfSSL up to version 5.8.2. This issue affects the popular security library on multiple platforms,