Cyber alerts Severity Medium (109) Medium (109) High (19) High (19) Year 2025 (135) 2025 (135) Month 0 (16) January (16) 1 (13) February (13) 2 (14) March (14) 3 (9) April (9) 4 (12) May (12) 5 (14) June (14) 6 (8) July (8) 7 (11) August (11) 8 (8) September (8) 9 (8) October (8) 10 (10) November (10) 11 (12) December (12) Threat type Insecure software (129) Insecure software (129) Vulnerability (3) Vulnerability (3) Intelligence (2) Intelligence (2) Attack methodology (1) Attack methodology (1) 135 results Loading... December 2025 CC-4724 Medium Published Wednesday 10 December 2025 (12:24) (updated 16 December 2025) Fortinet Releases Security Advisory for FortiCloud SSO Login Authentication Bypass The security advisory address two vulnerabilities that could allow an attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message CC-4723 High Published Thursday 4 December 2025 (01:43) (updated 5 December 2025) Critical Vulnerabilities in React and Next.js An attacker could exploit CVE-2025-55182 to perform remote code execution. CVE-2025-55182 affects React and dependent React frameworks such as Next.js. November 2025 CC-4722 Medium Published Wednesday 26 November 2025 (04:27) (updated 26 November 2025) SHA1-Hulud Supply Chain Attack Affecting npm Packages A supply chain campaign dubbed "Shai Hulud 2.0" and "Sha1 Hulud: The Second Coming" affecting hundreds of npm packages CC-4721 Medium Published Monday 24 November 2025 (02:43) (updated 24 November 2025) Exploited Vulnerability in Oracle Fusion Identity Manager A critical vulnerability could allow an unauthenticated attacker to takeover Oracle Identity Manager CC-4720 Medium Published Wednesday 19 November 2025 (12:54) (updated 19 November 2025) Exploitation of Fortinet FortiWeb Vulnerability CVE-2025-58034 Advisory addresses a vulnerability that could allow an authenticated attacker to perform remote code execution via crafted HTTP requests or CLI commands CC-4719 Medium Published Tuesday 18 November 2025 (03:25) (updated 20 November 2025) Proof-of-Concept Exploit Reported for CVE-2025-11001 in 7-Zip Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code CC-4718 Medium Published Tuesday 18 November 2025 (11:02) (updated 18 November 2025) Google Releases Security Update for Chrome Security update addresses an exploited high severity vulnerability in Google Chrome CC-4717 Medium Published Friday 14 November 2025 (01:42) (updated 21 November 2025) Fortinet FortiWeb Path Traversal Vulnerability Under Zero-Day Exploitation Security researchers have observed mass exploitation of CVE-2025-64446 in the wild. CC-4716 Medium Published Thursday 13 November 2025 (03:01) (updated 17 November 2025) Exploitation of WatchGuard Firebox OS Vulnerability CVE-2025-9242 Advisory addresses a critical vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code CC-4715 Medium Published Wednesday 12 November 2025 (04:02) (updated 12 November 2025) Microsoft Releases November 2025 Security Updates Scheduled updates for Microsoft products address 63 vulnerabilities, of which 1 is under exploitation. 1 2 3 4 5 6 7 8 9 10
CC-4724 Medium Published Wednesday 10 December 2025 (12:24) (updated 16 December 2025) Fortinet Releases Security Advisory for FortiCloud SSO Login Authentication Bypass The security advisory address two vulnerabilities that could allow an attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message
CC-4723 High Published Thursday 4 December 2025 (01:43) (updated 5 December 2025) Critical Vulnerabilities in React and Next.js An attacker could exploit CVE-2025-55182 to perform remote code execution. CVE-2025-55182 affects React and dependent React frameworks such as Next.js.
CC-4722 Medium Published Wednesday 26 November 2025 (04:27) (updated 26 November 2025) SHA1-Hulud Supply Chain Attack Affecting npm Packages A supply chain campaign dubbed "Shai Hulud 2.0" and "Sha1 Hulud: The Second Coming" affecting hundreds of npm packages
CC-4721 Medium Published Monday 24 November 2025 (02:43) (updated 24 November 2025) Exploited Vulnerability in Oracle Fusion Identity Manager A critical vulnerability could allow an unauthenticated attacker to takeover Oracle Identity Manager
CC-4720 Medium Published Wednesday 19 November 2025 (12:54) (updated 19 November 2025) Exploitation of Fortinet FortiWeb Vulnerability CVE-2025-58034 Advisory addresses a vulnerability that could allow an authenticated attacker to perform remote code execution via crafted HTTP requests or CLI commands
CC-4719 Medium Published Tuesday 18 November 2025 (03:25) (updated 20 November 2025) Proof-of-Concept Exploit Reported for CVE-2025-11001 in 7-Zip Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code
CC-4718 Medium Published Tuesday 18 November 2025 (11:02) (updated 18 November 2025) Google Releases Security Update for Chrome Security update addresses an exploited high severity vulnerability in Google Chrome
CC-4717 Medium Published Friday 14 November 2025 (01:42) (updated 21 November 2025) Fortinet FortiWeb Path Traversal Vulnerability Under Zero-Day Exploitation Security researchers have observed mass exploitation of CVE-2025-64446 in the wild.
CC-4716 Medium Published Thursday 13 November 2025 (03:01) (updated 17 November 2025) Exploitation of WatchGuard Firebox OS Vulnerability CVE-2025-9242 Advisory addresses a critical vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code
CC-4715 Medium Published Wednesday 12 November 2025 (04:02) (updated 12 November 2025) Microsoft Releases November 2025 Security Updates Scheduled updates for Microsoft products address 63 vulnerabilities, of which 1 is under exploitation.