CVE CyberSecurity Database News (Page 85)

Apr 10, 2025 WordPress API Exploit

CVE-2025-3102 - SureTriggers WordPress Plugin Authentication Bypass – How Attackers Can Forge Admin Accounts

The security of your WordPress website is only as strong as the plugins you use. Recently, a critical vulnerability known as CVE-2025-3102 has been discovered

Apr 10, 2025 RCE Exploit PHP

CVE-2024-58136 - Yii2 Behavior Attach Bypass & Wild Exploitation (Exclusive Long Read)

Intro In the early months of 2025, security experts started noticing attacks leveraging a fresh vulnerability in Yii 2 web applications. Dubbed CVE-2024-58136, this bug

Apr 10, 2025

CVE-2025-32728 - How OpenSSH's DisableForwarding Directive Fails to Block X11 and Agent Forwarding (with Exploit Example)

OpenSSH is the most widely used SSH server and client suite out there. It's known for strong security, but sometimes bugs get through

Apr 9, 2025

CVE-2025-32387 - Exploiting Stack Overflow via Malicious Chart Schemas in Helm – Explained

Helm is the most popular package manager for Kubernetes, and it uses “charts” to define, install, and upgrade applications. Like all widely used tools, it

Apr 9, 2025 Exploit

CVE-2025-32386 - Helm Chart Archive Decompression Bug Can Crash Your Apps – Full Analysis & Exploit Example

Summary: If you use Helm to manage Kubernetes applications, there’s a security issue you should know: CVE-2025-32386. In versions before v3.17.3, Helm