Fortinet Product Security Team discovered a security vulnerability impacting FortiOS and FortiSwitchManager. Tracked as CVE-2025-25249, the vulnerability is a high-severity issue with a CVSS score of 7.3. The heap-based buffer overflow vulnerability exists in the FortiOS and FortiSwitchManager cw_acd daemon. The vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
Microsoft Patch Tuesday, January 2026 Security Update Review
Starting the year on a security-first note, Microsoft’s January 2026 Patch Tuesday resolves several vulnerabilities that could impact enterprise environments. Here’s a quick breakdown of what you need to know. This month’s release addresses 115 vulnerabilities, including eight critical and 106 important-severity vulnerabilities. In this month’s updates, Microsoft has addressed three zero-day vulnerabilities. One of them was exploited, and two are publicly disclosed. Microsoft addressed one vulnerability in Microsoft Edge (Chromium-based) that was patched earlier this month.
Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability (CVE-2026-20029)
Cisco released a security advisory to address a medium-severity vulnerability impacting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC). Tracked as CVE-2026-20029, the vulnerability may allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. Cisco mentioned in their advisory that “Cisco PSIRT is aware that proof-of-concept exploit code is available for the …
N8n Warns of Remote Code Execution Vulnerability (CVE-2026-21877)
N8n is vulnerable to a maximum-severity flaw that could allow an authenticated attacker to execute arbitrary code with the privileges of the n8n process. Tracked as CVE-2026-21877, the vulnerability has a CVSS score of 10. Under certain conditions, an authenticated user may cause untrusted code to be executed by the n8n service. This could …
N8n Critical Arbitrary Command Execution Vulnerability (CVE-2025-68668)
A new vulnerability has been discovered in n8n, an open-source workflow automation tool. Tracked as CVE-2025-68668, the vulnerability has a critical severity rating with a CVSS score of 9.9. Successful exploitation of the vulnerability may allow an attacker to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process. For successful exploitation of the vulnerability, an attacker must be authenticated and have permission to create or modify workflows.
MongoDB Memory Disclosure Vulnerability Under Active Exploitation (CVE-2025-14847) (MongoBleed)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a MongoDB vulnerability to its Known Exploited Vulnerabilities Catalog, acknowledging the active exploitation of the vulnerability. CISA urges users to patch the vulnerability before January 19, 2026. Tracked as CVE-2025-14847, the vulnerability has a high severity rating with a CVSS score of 8.7. Successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to disclose sensitive data from the MongoDB server's memory. The vulnerability …
Cisco Releases Fix for Actively Exploited Zero-day Vulnerability (CVE-2025-20393)
Cisco Talos discovered a cyberattack campaign targeting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. Tracked as CVE-2025-20393, the vulnerability may allow an attacker to execute arbitrary commands with root privileges on the underlying operating system of targeted appliances. The vulnerability has a critical severity rating with a …
Apple Warns of Zero-day Vulnerability Exploited in Attack (CVE-2025-43529)
Apple issued security updates for iOS, iPadOS, macOS, and its Safari web browser to address a vulnerability being exploited in the wild. Tracked as CVE-2025-43529, the use-after-free vulnerability exists in WebKit. An attacker may exploit the vulnerability by getting a target to process maliciously crafted web content, leading to arbitrary code execution. The vulnerability was addressed with improved memory management. Apple is aware of active exploitation of the vulnerability in a highly sophisticated attack targeting specific, high-profile individuals on iOS versions before iOS 26.
React Server Components Multiple Vulnerabilities (CVE-2025-55184, CVE-2025-67779, & CVE-2025-55183)
React Server Components (RSC) are affected by two high-severity vulnerabilities and one medium-severity vulnerability, tracked as CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779. CVE-2025-55184 and CVE-2025-67779 can lead to denial-of-service attacks, while CVE-2025-55183 exposes backend source code, potentially leaking API keys and other sensitive information.
CISA Warns of Actively Exploited GeoServer Unauthenticated XML XXE Vulnerability (CVE-2025-58360)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OSGeo GeoServer vulnerability to its Known Exploited Vulnerabilities Catalog, acknowledging the active exploitation of the vulnerability. Tracked as CVE-2025-58360, the vulnerability has a high severity rating with a CVSS score of 8.2. Successful exploitation of the vulnerability may allow an attacker to retrieve arbitrary files from the server’s file system. GeoServer is an open-source server software written …