CVE CyberSecurity Database News (Page 29)

Sep 19, 2025 Exploit

CVE-2025-10630 - Grafana-Zabbix Plugin ReDoS Vulnerability Explained (w/ Exploit Example)

Grafana is a popular open-source platform used for monitoring and observability. Its flexibility and plugin support make it a staple in system monitoring setups. One

Sep 19, 2025 RCE Exploit PHP

CVE-2025-48703 - Unauthenticated Remote Code Execution in CWP (Control Web Panel) File Manager – Full Exploit Guide

--- Published: June 2024 Vulnerable Software: CWP (Control Web Panel, formerly CentOS Web Panel) < .9.8.1205 Vulnerability Type: Remote Code Execution (RCE) Attack

Sep 18, 2025 API Exploit Java

CVE-2025-10035 - GoAnywhere MFT License Servlet Deserialization Flaw — How It Works and Why It Matters

In early 2025, a serious vulnerability—CVE-2025-10035—was disclosed affecting Fortra’s GoAnywhere Managed File Transfer (MFT) solution. A bug in the License Servlet allows

Sep 18, 2025

CVE-2025-47906 - RCE in Go’s `LookPath` When PATH Contains Executables Instead of Folders

A newly disclosed vulnerability, CVE-2025-47906, has been found in the popular Go programming language’s os/exec library. If the PATH environment variable ($PATH) contains

Sep 16, 2025 Windows Microsoft

CVE-2025-49728 - How Cleartext Storage in Microsoft PC Manager Leaks Sensitive Info

A new vulnerability, CVE-2025-49728, has recently caught the cybersecurity community’s attention. This flaw involves Microsoft PC Manager—a popular utility for Windows users—storing