CVE CyberSecurity Database News (Page 45)

May 20, 2025 RCE

CVE-2025-47277 - vLLM PyNcclPipe Exposes Insecure Distributed KV Cache Channels on All Interfaces (Versions .6.5–.8.4)

*By [Your Name], June 2024* Overview CVE-2025-47277 refers to a network exposure vulnerability in vLLM, a popular high-performance inference engine for Large Language Models (LLMs)

May 20, 2025 Windows

CVE-2025-37899 - Deep Dive Into A "ksmbd" Use-After-Free Vulnerability (With Exploit Details & Patches)

The Linux kernel, powering much of the modern internet and many mission-critical systems, is no stranger to security threats. Today, we’ll break down CVE-2025-37899—

May 20, 2025 Windows API Exploit

CVE-2025-41225 - Authenticated Command Execution in VMware vCenter Server – Deep Dive, Exploit, and Remediation

On June 5th, 2025, VMware disclosed CVE-2025-41225, a critical vulnerability in vCenter Server. This flaw allows any authenticated user with enough privileges to create or

May 17, 2025 Exploit

CVE-2025-4919 - Out-of-Bounds Read/Write via Array Index Confusion in Firefox and Thunderbird

--- In June 2025, security researchers and Mozilla announced a high-severity vulnerability tracked as CVE-2025-4919. This flaw impacted multiple versions of Firefox and Thunderbird—including

May 17, 2025

CVE-2025-4918 - Exploiting Out-of-Bounds Read/Write on JavaScript Promise in Firefox and Thunderbird

A critical security vulnerability—CVE-2025-4918—was found in Mozilla Firefox and Thunderbird affecting how JavaScript Promise objects are handled. This flaw lets attackers perform out-of-bounds