CVE CyberSecurity Database News (Page 2)

Dec 9, 2025 Exploit

CVE-2025-14345 - Post-Authentication Flaw in MongoDB’s Cross-Shard Transactions—Deep Dive & Exploit Insights

In June 2025, MongoDB disclosed CVE-2025-14345, a subtle yet impactful vulnerability affecting its distributed transaction logic. This vulnerability lurks in the way the Two-Phase Commit

Dec 8, 2025 Exploit

CVE-2025-40322 - Out-of-Bounds Glyph Access in Linux Kernel fbdev Bitblit (Exploit Details & Patch Analysis)

A new security issue has been discovered and resolved in the Linux kernel's framebuffer (fbdev) subsystem. Labeled CVE-2025-40322, this bug allowed attackers to

Dec 8, 2025 Exploit

CVE-2025-40312 - How Corrupted JFS Filesystems Could Crash Your Linux Box (And How It’s Now Fixed)

--- Introduction In June 2024, Linux kernel maintainers fixed a subtle but dangerous bug in the JFS filesystem code. Known as CVE-2025-40312, this vulnerability could

Dec 5, 2025 Exploit Apache

CVE-2025-66200 - Exploiting mod_userdir + suEXEC Bypass via AllowOverride FileInfo Weakness in Apache HTTP Server

A new vulnerability has been discovered in Apache HTTP Server (CVE-2025-66200) that could allow attackers to bypass user isolation provided by suEXEC when combined with

Dec 3, 2025

CVE-2025-66478 - Understanding the Duplicate of CVE-2025-55182 (With Exploit Insights)

Note: On reviewing the security bulletin and the MITRE database, it has been determined that CVE-2025-66478 is not an independent vulnerability. Instead, it is a