CVE-2025-25246 - Unauthenticated Remote Code Execution on NETGEAR XR100, XR100v2, and XR500 Routers
Recently, a serious security flaw, CVE-2025-25246, was discovered in several NETGEAR WiFi routers: XR100 (before 1...74), XR100v2 (before 1.1..22), and XR500 (before
CVE-2025-1028 - Remote Code Execution via Arbitrary File Upload in Contact Manager for WordPress (up to 8.6.4)
On June 13, 2024, a serious vulnerability—CVE-2025-1028—was disclosed in the popular “Contact Manager” WordPress plugin, affecting all versions up to, and including, 8.
CVE-2025-23114 - Veeam Updater TLS Certificate Validation Flaw Allows Remote Code Execution
Published: June 2024
Severity: Critical
Affected Product: Veeam Backup & Replication (Updater Component)
Summary
A newly published vulnerability, CVE-2025-23114, affects Veeam Backup & Replication products.
CVE-2025-0413 - Parallels Desktop Local Privilege Escalation via Technical Data Reporter (ZDI-CAN-25014) – Exploit Explained
Parallels Desktop is one of the most popular tools for running virtual machines on macOS. However, in its widespread use, it’s not immune to
CVE-2025-24964 - Critical Remote Code Execution in Vitest via Cross-site WebSocket Hijacking
Vitest is a popular testing framework built on top of Vite. With its blazing speed and developer-friendly features, it’s become a go-to choice for
Episode
00:00:00
00:00:00