< ciso
brief />
Security Advisory and Patch Watch Banner

All news in category “Security Advisory and Patch Watch

2062 articles · page 59 of 104

YoSmart YoLink Vulnerabilities Affect Server, Hub, App

🔒 CISA reported several vulnerabilities in the YoSmart YoLink ecosystem impacting the cloud server, Smart Hub, and mobile application. Exploitation could let attackers remotely control other users' devices, intercept unencrypted MQTT traffic, and hijack sessions. YoSmart pushed server-side fixes and will deliver a hub firmware update over-the-air; users should update the YoLink mobile app to 1.40.45 or later.
read more →

ServiceNow Patches Critical Flaw in AI Platform — Oct 2025

🔒 ServiceNow has released fixes for a critical flaw in its ServiceNow AI Platform that could allow an unauthenticated actor to impersonate other users and perform arbitrary actions. Tracked as CVE-2025-12420 with a CVSS score of 9.3, the issue was addressed on October 30, 2025 and deployed to the majority of hosted instances. Patches were also shared with partners and self-hosted customers; administrators are advised to apply updates promptly to mitigate risk.
read more →

RCE Risks in AI Python Libraries via Config Instantiation

🔒 Three widely used open-source AI/ML Python libraries — NVIDIA NeMo, Salesforce uni2TS, and Apple ml-flextok — were found vulnerable to remote code execution when model metadata was treated as executable configuration. The root cause is unsafe use of configuration-driven instantiation (for example Hydra's instantiate()) that accepts attacker-controlled _target_ values. Vendors released patches and CVE notices; users should apply fixes, restrict allowed targets, and avoid loading models from untrusted sources.
read more →

CISA: Active Exploitation of Gogs Path Traversal Flaw

⚠️ CISA has added CVE-2025-8110 to its Known Exploited Vulnerabilities catalog after reports of active exploitation targeting Gogs. The high-severity (CVSS 8.7) flaw is a path traversal in the repository file editor's PutContents API that mishandles symbolic links and can lead to remote code execution. There is not yet an official upstream patch, though GitHub pull requests show fixes have been merged and maintainers say new images will include the correction once built. Until patched, users should disable default open-registration, restrict server access behind VPNs or allow-lists, and apply other access controls; FCEB agencies must implement mitigations by Feb 2, 2026.
read more →

January 2026 Patch Tuesday: 114 CVEs Including Zero-Days

🔔 Microsoft released its January 2026 Patch Tuesday addressing 114 vulnerabilities, including three zero-days and several Critical flaws. Notable fixes include an actively exploited information-disclosure issue in Windows Desktop Window Manager (CVE-2026-20805) and publicly disclosed zero-days in Agere Soft Modem and Secure Boot. The release also remediates multiple Critical RCE and elevation-of-privilege issues across Windows and Microsoft Office. Organizations should prioritize testing and deployment and apply compensating controls where immediate patching is impractical.
read more →

CISA Orders Federal Patch for Gogs RCE Zero-Day Exploit

⚠️ The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a high-severity remote code execution flaw in Gogs tracked as CVE-2025-8110. The issue is a path traversal weakness in the PutContents API that lets authenticated attackers overwrite files outside repositories via symbolic links, enabling arbitrary command execution. Patches released last week add symlink-aware path validation; agencies must remediate by February 2, 2026. Administrators are advised to disable default open registration and restrict server access.
read more →

Hidden Telegram proxy links can expose your IP in one click

🔒 Researchers showed that tapping what looks like a Telegram username can trigger the app to auto-connect to a proxy and reveal your real IP address. The issue arises from how MTProto proxy links (t.me/proxy?...) are parsed on Android and iOS: the client performs an automatic test connection before the proxy is added. Attackers can host malicious proxies and disguise links as benign usernames or URLs to log IPs for location, profiling, or DDoS. Telegram says IP visibility is not unique to its platform and will add warnings for proxy links; users should be cautious with unfamiliar t.me links.
read more →

Ni8mare: Critical n8n vulnerability impacts ~60,000 instances

⚠️ A maximum-severity flaw dubbed Ni8mare (CVE-2026-21858) affects n8n and can allow unauthenticated remote attackers to take control of local instances by exploiting improper input validation in Form Submission triggers. Researchers say the bug enables secret exfiltration, session forgery, file injection, and command execution. Administrators should upgrade to n8n 1.121.0 immediately or restrict public webhook/form endpoints as a temporary mitigation.
read more →

Auditing Salesforce Aura: Detecting Data Exposure Risks

🔍 Mandiant introduces AuraInspector, an open-source CLI to detect access-control misconfigurations in Salesforce Aura implementations. The post explains common Aura endpoint methods attackers misuse, a GraphQL technique to bypass the 2,000-record retrieval limit, and how action bulking can enumerate records. It also outlines remediation steps and security best practices to restrict Guest and authenticated user privileges.
read more →

CISA Adds Gogs Path Traversal to KEV Catalog - Remediate

⚠️ CISA added CVE-2025-8110 to its Known Exploited Vulnerabilities (KEV) Catalog for a Gogs path traversal vulnerability after evidence of active exploitation. The advisory cites BOD 22-01 requirements for Federal Civilian Executive Branch agencies to remediate cataloged KEV entries by the due date. CISA strongly urges all organizations to prioritize timely patching to reduce exposure. CISA will continue to add vulnerabilities that meet the specified criteria.
read more →

Trend Micro Patches Critical Flaws in Apex Central

🛡️ Trend Micro has released a security update for Apex Central after vulnerability management vendor Tenable identified multiple serious flaws affecting all on-premises builds earlier than 7190. The most severe is a 9.8-rated LoadLibraryEX issue that can allow an unauthenticated attacker to force the server to load and execute an attacker-controlled DLL as SYSTEM. Two additional high-severity, unauthenticated flaws can cause denial-of-service. Trend Micro urges customers to apply build 7190 and review remote access controls immediately.
read more →

Critical Ni8mare RCE in n8n threatens 100,000 servers

⚠️ Security researchers at Cyera disclosed a critical vulnerability dubbed Ni8mare in the workflow automation platform n8n, enabling remote code execution and potential full environment compromise. The flaw, tracked as CVE-2026-21858, carries a CVSS score of 10.0 and impacts roughly 100,000 servers. The root cause is a Content-Type confusion in webhook processing that lets attackers overwrite internal variables, read arbitrary files and inject malicious payloads. n8n released a patched build (1.121.0); administrators should upgrade immediately and rotate any exposed credentials and tokens.
read more →

CISA Flags Critical RCE in HPE OneView Under Attack

⚠️ CISA has added a max-severity remote code execution flaw in HPE OneView (CVE-2025-37164) to its Known Exploited Vulnerabilities catalog after HPE published an advisory and a patch. The vulnerability allows unauthenticated attackers to execute arbitrary commands via a publicly reachable REST API endpoint and carries a CVSS score of 10.0. Organizations face a narrow window to carefully patch management-plane deployments to avoid both exploitation and unintended operational disruption.
read more →

Trend Micro fixes critical RCE in Apex Central console

🔒Trend Micro has released a patch for a critical remote code execution vulnerability (CVE-2025-69258) affecting Apex Central on-premises consoles. A LoadLibraryEX weakness could allow unauthenticated attackers to inject malicious DLLs into MsgReceiver.exe (listening on TCP port 20001) and execute code as SYSTEM without user interaction. Tenable reported the flaw, published technical details and proof-of-concept code, and Trend Micro issued Critical Patch Build 7190 — which also addresses two related DoS flaws — urging customers to apply updates and review remote access and perimeter security.
read more →

Trend Micro Apex Central RCE CVE-2025-69258 Scores 9.8

🔒 Trend Micro has released patches for on-prem Apex Central for Windows to fix multiple flaws, including a critical remote code execution (CVE-2025-69258, CVSS 9.8) that can allow an attacker to load a malicious DLL via LoadLibraryEX. Two additional denial-of-service issues (CVE-2025-69259 and CVE-2025-69260, both CVSS 7.5) were also addressed. Tenable reported the vulnerabilities and notes MsgReceiver.exe (listening on TCP port 20001) is implicated. Customers should apply updates and review remote access controls and perimeter defenses.
read more →

Cisco ISE XML Parsing Flaw Risks Sensitive Data Exposure

🔒 Cisco has disclosed a vulnerability (CVE-2026-20029) in Cisco ISE and ISE-PIC that could allow an authenticated administrator to read arbitrary files on the server due to improper XML parsing. Proof-of-concept exploit code exists though no active attacks are reported. Cisco assigns CVSS 4.9 (medium). Administrators should rotate credentials, limit who and what can reach ISE, and install the vendor patch as soon as service downtime allows.
read more →

Cisco switches enter reboot loops due to DNS client bug

⚠️ Multiple Cisco switch models are entering reboot loops after an apparent firmware bug in the internal DNS client began treating DNS lookup failures as fatal errors. The problem began around 2 AM and affected devices log fatal DNS_CLIENT errors (for example 'SRCADDRFAIL' when resolving 'www.cisco.com'), then reboot every few minutes, seriously disrupting network operations. Administrators report affected lines include CBS, SG and Catalyst C1200/C1300 series. Temporary mitigations include disabling DNS or SNTP on management interfaces or blocking outbound management access while Cisco investigates.
read more →

Critical RCE in Hitachi Energy Asset Suite (Jasper)

⚠️ Hitachi Energy has disclosed a critical remote code execution vulnerability in Asset Suite, caused by a Java deserialization flaw in the Jaspersoft library (CVE-2025-10492). The issue affects Asset Suite versions 9.7 and earlier and carries a CVSS v3.1 base score of 9.8 — allowing attackers to execute arbitrary code on vulnerable systems. Hitachi Energy advises upgrading to version 9.8 to remediate the defect. Until patched, administrators should restrict loading of external custom reports, segment networks, and deny internet exposure for control system devices.
read more →

Critical jsPDF Flaw Allows Arbitrary File Read in Node.js

🔒 A critical vulnerability in jsPDF (CVE-2025-68428) affected Node.js deployments and allowed untrusted input passed to file-handling APIs to produce arbitrary file reads and local file inclusion. Endor Labs found that methods like addImage, html, and addFont relied on an insecure loadFile() call, enabling attackers to embed sensitive files into generated PDFs. Maintainers released jsPDF 4.0.0 to restrict filesystem access via Node.js permission mode, but researchers warn upgrading alone may not fully mitigate risk in environments without properly configured runtime permissions.
read more →

Cisco patches XML parsing flaw in ISE and Snort 3 software

🔒 Cisco has issued updates to address a medium-severity XML parsing vulnerability (CVE-2026-20029, CVSS 4.9) in Identity Services Engine (ISE) and ISE Passive Identity Connector. The flaw in the licensing feature allows an authenticated administrator to upload a crafted file and read arbitrary files from the underlying operating system. Cisco lists specific fixed releases and patches (pre-3.2 must migrate; 3.2/3.3/3.4 have patches; 3.5 not vulnerable), reports no workaround, and acknowledges a public PoC while noting no known in-the-wild exploitation. The advisory also includes fixes for two Snort 3 DCE/RPC issues affecting multiple Cisco products.
read more →