CVE CyberSecurity Database News (Page 111)

Apr 4, 2025 RCE API Exploit

CVE-2025-27520 - Critical RCE in BentoML (<1.4.3) — Unsafe Deserialization Leads to Remote Code Execution

BentoML is a popular open-source Python framework designed for serving ML/AI models at scale with minimal code. Organizations adopt it to deploy ML models

Apr 4, 2025 RCE Microsoft Exploit Google

CVE-2025-29815 - Exploiting Use-After-Free in Microsoft Edge (Chromium-Based) for Remote Code Execution

In early 2025, security researchers uncovered a critical vulnerability in Microsoft Edge (Chromium-based), tracked as CVE-2025-29815. This "use-after-free" flaw can allow an attacker

Apr 4, 2025 RCE Windows Microsoft Google Chrome

CVE-2025-25000 - Type Confusion in Microsoft Edge (Chromium-Based) Lets Attackers Run Code Remotely

--- Microsoft Edge is the default web browser for Windows 10 and 11. Since it’s based on Chromium (the same core as Chrome), most

Apr 3, 2025 API

CVE-2025-31161 - CrushFTP Authentication Bypass & Admin Takeover Explained

CrushFTP is a popular secure FTP, WebDAV, S3, and HTTP(S) file server solution, used by organizations globally. But in March and April 2025, attackers

Apr 3, 2025

CVE-2025-30406 - How Hackers Exploited Gladinet CentreStack’s Hardcoded machineKey for Remote Code Execution

Gladinet CentreStack is popular business software for secure file sharing and cloud storage. But in early March 2025, security researchers discovered a critical vulnerability—CVE-2025-30406—