🚨 ALERT! 🚨 #NextJS finally achieved what we all thought impossible: a CVSS 10.0 vulnerability! 🎯 Bravo, they've hit the bullseye of FAIL! 🙈 It's always heartwarming when devs leave the #backdoor open for #hackers to make themselves at home. 🏠🔓
https://nextjs.org/blog/CVE-2025-66478 #Vulnerability #CVSS10 #SecurityFail #HackerNews #ngated

⚠️ Kritisk sårbarhet i Cisco IOS XE Wireless Controller – godtycklig filuppladdning möjlig. CVSS-score på 10 av 10 möjliga!

https://kryptera.se/kritisk-sarbarhet-i-cisco-ios-xe-wireless-controller-godtycklig-filuppladdning-mojlig/

#Cisco #IOSXE #CiscoWLC #CVSS10 #CVE202520188 #Sårbarhet #Informationssäkerhet #ITsäkerhet #RootAccess #RCE #JWT #HardCodedCredentials #PathTraversal #WirelessLAN #Catalyst9800 #Nätverkssäkerhet #Sårbarhetsanalys #Exploit #Cybersecurity #SecurityAdvisory

#Patchday: #Intel schließt unter anderem kritische Lücke mit Höchstwertung | Security https://www.heise.de/news/Patchday-Intel-schliesst-unter-anderem-kritische-Luecke-mit-Hoechstwertung-9722185.html #CVSS10

GitLab admins: Get patchin'. Now. https://cku.gt/D4bjM
This 0day is exploited ITW as we speak, I have multiple reports of successful admin account takeovers.
#0day #gitlab #privesc #patchnow #cvss10

This #owncloud graphapi vulnerability (seriously, phpinfo, in 2023?) is one of those things that only affect a fraction of users, but if you're affected, you'd better have already addressed it, because the #exploit is live.

https://arstechnica.com/security/2023/11/owncloud-vulnerability-with-a-maximum-10-severity-rating-comes-under-mass-exploitation/

#CVSS10