Vulnerability Disclosure

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability

A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulner...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remo...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability

A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Ca...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 25

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site ...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 25

Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their priv...

T1548 T1598

Cisco Advisories →

Infosecurity Magazine Vulnerability Disclosure SentinelOne Mar 25

Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials

Infosecurity Magazine →

SC Media Vulnerability Disclosure Mar 25

2026 SC Award winner Nucleus Security — Best Vulnerability Management Solution

Nucleus awarded for AI-driven vulnerability management that prioritizes real risk.

SC Media →

The Hacker News Vulnerability Disclosure Mar 25

The Kill Chain Is Obsolete When Your AI Agent Is the Threat

In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against ...

T1021 T1592

The Hacker News →

GBHackers Vulnerability Disclosure Adobe Mar 25

Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access

A critical vulnerability dubbed “PolyShell” is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team ...

T1598

GBHackers →

GBHackers Vulnerability Disclosure Mar 25

ClawHub Vulnerability Lets Attackers Manipulate Rankings to Become Top Skill

Silverfort researchers recently uncovered a critical security flaw in ClawHub, the main public registry for the OpenClaw agent ecosystem. This vulnerability ...

T1598

GBHackers →

Help Net Security Vulnerability Disclosure Tenable Intel Mar 25

Tenable Hexa AI automates exposure management and security workflows

Tenable has revealed Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform that automates security workflows and transforms ...

Help Net Security →

Recorded Future Vulnerability Disclosure Microsoft Apple Mar 25

ClickFix Campaigns Targeting Windows and macOS

Insikt Group reveals five ClickFix social engineering clusters (QuickBooks, Booking.com, Birdeye) targeting Windows and macOS.

T1204 1 IOC

Recorded Future →

BleepingComputer Vulnerability Disclosure Mar 24

PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug

PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote c...

T1190

BleepingComputer →