The SOS Intelligence CVE Chatter Weekly Top Ten – 24 November 2025

by Amir Hadzipasic

November 24, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2023-41345

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.

https://nvd.nist.gov/vuln/detail/CVE-2023-41345

2. CVE-2024-12912

An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution.
Refer to the ’01/02/2025 ASUS Router AiCloud vulnerability’ section on the ASUS Security Advisory for more information.

https://nvd.nist.gov/vuln/detail/CVE-2024-12912

3. CVE-2023-39780

https://nvd.nist.gov/vuln/detail/CVE-2023-39780

4. CVE-2025-2492

https://nvd.nist.gov/vuln/detail/CVE-2025-2492

5. CVE-2025-59367

https://nvd.nist.gov/vuln/detail/CVE-2025-59367

6. CVE-2024-34102

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.

https://nvd.nist.gov/vuln/detail/CVE-2024-34102

7. CVE-2025-8088

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

8. CVE-2025-49844

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.

https://nvd.nist.gov/vuln/detail/CVE-2025-49844

9. CVE-2025-13223

Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

https://nvd.nist.gov/vuln/detail/CVE-2025-13223

10. CVE-2021-40539

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2021-40539

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 17 November 2025

by Amir Hadzipasic

November 17, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2024-34102

https://nvd.nist.gov/vuln/detail/CVE-2024-34102

2. CVE-2025-8088

A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

3. CVE-2024-21762

https://nvd.nist.gov/vuln/detail/CVE-2024-21762

4. CVE-2016-10033

https://nvd.nist.gov/vuln/detail/CVE-2016-10033

5. CVE-2017-8759

https://nvd.nist.gov/vuln/detail/CVE-2017-8759

6. CVE-2021-40539

https://nvd.nist.gov/vuln/detail/CVE-2021-40539

7. CVE-2024-10687

https://nvd.nist.gov/vuln/detail/CVE-2024-10687

8. CVE-2024-21060

https://nvd.nist.gov/vuln/detail/CVE-2024-21060

9. CVE-2025-21204

https://nvd.nist.gov/vuln/detail/CVE-2025-21204

10. CVE-2025-49844

https://nvd.nist.gov/vuln/detail/CVE-2025-49844

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 10 November 2025

by Amir Hadzipasic

November 10, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2024-34102

https://nvd.nist.gov/vuln/detail/CVE-2024-34102

2. CVE-2025-8088

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.

Users are recommended to upgrade to version 2.4.60, which fixes this issue.

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

3. CVE-2021-40539

https://nvd.nist.gov/vuln/detail/CVE-2021-40539

4. CVE-2024-10687

https://nvd.nist.gov/vuln/detail/CVE-2024-10687

5. CVE-2024-21060

https://nvd.nist.gov/vuln/detail/CVE-2024-21060

6. CVE-2024-21762

https://nvd.nist.gov/vuln/detail/CVE-2024-21762

7. CVE-2017-8759

https://nvd.nist.gov/vuln/detail/CVE-2017-8759

8. CVE-2025-21204

https://nvd.nist.gov/vuln/detail/CVE-2025-21204

9. CVE-2016-10033

https://nvd.nist.gov/vuln/detail/CVE-2016-10033

10. CVE-2025-49844

https://nvd.nist.gov/vuln/detail/CVE-2025-49844

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 03 November 2025

by Amir Hadzipasic

November 3, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2025-59287

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

https://nvd.nist.gov/vuln/detail/CVE-2025-59287

2. CVE-2025-8088

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
from ESET.

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

3. CVE-2025-24990

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-24990

4. CVE-2025-47827

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-47827

5. CVE-2025-59218

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59218

6. CVE-2025-59226

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59226

7. CVE-2025-59227

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59227

8. CVE-2025-59230

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59230

9. CVE-2025-59249

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59249

10. CVE-2025-59252

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59252

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten –

by Amir Hadzipasic

October 27, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

https://nvd.nist.gov/vuln/detail/

10.

https://nvd.nist.gov/vuln/detail/

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 13 October 2025

by Amir Hadzipasic

October 13, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2025-8088

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

2. CVE-2018-17144

Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

https://nvd.nist.gov/vuln/detail/CVE-2018-17144

3. CVE-2016-10033

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2016-10033

4. CVE-2017-8759

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2017-8759

5. CVE-2021-40539

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2021-40539

6. CVE-2024-10687

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2024-10687

7. CVE-2024-21060

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2024-21060

8. CVE-2025-21204

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2025-21204

9. CVE-2024-21762

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2024-21762

10. CVE-2024-38476

Users are recommended to upgrade to version 2.4.60, which fixes this issue.

https://nvd.nist.gov/vuln/detail/CVE-2024-38476

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 06 October 2025

by Amir Hadzipasic

October 6, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2025-20352

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication.
This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

https://nvd.nist.gov/vuln/detail/CVE-2025-20352

2. CVE-2025-50154

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

https://nvd.nist.gov/vuln/detail/CVE-2025-50154

3. CVE-2025-20333

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device.
This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

https://nvd.nist.gov/vuln/detail/CVE-2025-20333

4. CVE-2025-32463

A deserialization vulnerability in the License Servlet of Fortra’s GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

https://nvd.nist.gov/vuln/detail/CVE-2025-32463

5. CVE-2018-0490

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

https://nvd.nist.gov/vuln/detail/CVE-2018-0490

6. CVE-2022-33903

https://nvd.nist.gov/vuln/detail/CVE-2022-33903

7. CVE-2011-4576

https://nvd.nist.gov/vuln/detail/CVE-2011-4576

8. CVE-2017-8821

https://nvd.nist.gov/vuln/detail/CVE-2017-8821

9. CVE-2011-0427

https://nvd.nist.gov/vuln/detail/CVE-2011-0427

10. CVE-2021-34549

https://nvd.nist.gov/vuln/detail/CVE-2021-34549

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 29 September 2025

by Amir Hadzipasic

September 29, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2025-50154

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

https://nvd.nist.gov/vuln/detail/CVE-2025-50154

2. CVE-2024-6409

A race condition vulnerability was discovered in how signals are handled by OpenSSH’s server (sshd). If a remote attacker does not authenticate within a set time period, then sshd’s SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.

https://nvd.nist.gov/vuln/detail/CVE-2024-6409

3. CVE-2021-21974

OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2021-21974

4. CVE-2021-34527

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.

In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (Note: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ):

HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTPrintersPointAndPrint
NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
UpdatePromptSettings = 0 (DWORD) or not defined (default setting)

Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design.

UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates.

Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.

https://nvd.nist.gov/vuln/detail/CVE-2021-34527

5. CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code
Execution. This vulnerability may allow a remote attacker with network
access to either a Java-based OpenWire broker or client to run arbitrary
shell commands by manipulating serialized class types in the OpenWire
protocol to cause either the client or the broker (respectively) to
instantiate any class on the classpath.

Users are recommended to upgrade
both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3
which fixes this issue.

https://nvd.nist.gov/vuln/detail/CVE-2023-46604

6. CVE-2025-53773

Improper neutralization of special elements used in a command (‘command injection’) in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-53773

7. CVE-2024-38476

Users are recommended to upgrade to version 2.4.60, which fixes this issue.

https://nvd.nist.gov/vuln/detail/CVE-2024-38476

8. CVE-2025-38561

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access

https://nvd.nist.gov/vuln/detail/CVE-2025-38561

9. CVE-2025-49457

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access

https://nvd.nist.gov/vuln/detail/CVE-2025-49457

10. CVE-2025-9864

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access

https://nvd.nist.gov/vuln/detail/CVE-2025-9864

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 22 September 2025

by Amir Hadzipasic

September 22, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2025-50154

https://nvd.nist.gov/vuln/detail/CVE-2025-50154

2. CVE-2025-42999

https://nvd.nist.gov/vuln/detail/CVE-2025-42999

3. CVE-2025-31324

https://nvd.nist.gov/vuln/detail/CVE-2025-31324

4. CVE-2025-42957

https://nvd.nist.gov/vuln/detail/CVE-2025-42957

5. CVE-2025-49706

https://nvd.nist.gov/vuln/detail/CVE-2025-49706

6. CVE-2025-53771

https://nvd.nist.gov/vuln/detail/CVE-2025-53771

7. CVE-2025-53770

https://nvd.nist.gov/vuln/detail/CVE-2025-53770

8. CVE-2025-24054

https://nvd.nist.gov/vuln/detail/CVE-2025-24054

9. CVE-2025-8715

https://nvd.nist.gov/vuln/detail/CVE-2025-8715

10. CVE-2025-23303

https://nvd.nist.gov/vuln/detail/CVE-2025-23303

CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 15 September 2025

by Amir Hadzipasic

September 15, 2025

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2025-43300

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

https://nvd.nist.gov/vuln/detail/CVE-2025-43300

2. CVE-2025-50154

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

https://nvd.nist.gov/vuln/detail/CVE-2025-50154

3. CVE-2025-53773

Improper neutralization of special elements used in a command (‘command injection’) in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-53773

4. CVE-2025-7775

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers

(OR)

CR virtual server with type HDX

https://nvd.nist.gov/vuln/detail/CVE-2025-7775

5. CVE-2025-8088

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

6. CVE-2024-38476

Users are recommended to upgrade to version 2.4.60, which fixes this issue.

https://nvd.nist.gov/vuln/detail/CVE-2024-38476

7. CVE-2025-32433

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

https://nvd.nist.gov/vuln/detail/CVE-2025-32433

8. CVE-2025-23303

NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.

https://nvd.nist.gov/vuln/detail/CVE-2025-23303

9. CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka “Microsoft Office Memory Corruption Vulnerability”. This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

https://nvd.nist.gov/vuln/detail/CVE-2018-0802

10. CVE-2017-11882

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka “Microsoft Office Memory Corruption Vulnerability”. This CVE ID is unique from CVE-2017-11884.

https://nvd.nist.gov/vuln/detail/CVE-2017-11882

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

The SOS Intelligence CVE Chatter Weekly Top Ten – 24 November 2025

The SOS Intelligence CVE Chatter Weekly Top Ten – 17 November 2025

The SOS Intelligence CVE Chatter Weekly Top Ten – 10 November 2025

The SOS Intelligence CVE Chatter Weekly Top Ten – 03 November 2025

The SOS Intelligence CVE Chatter Weekly Top Ten –

The SOS Intelligence CVE Chatter Weekly Top Ten – 13 October 2025

The SOS Intelligence CVE Chatter Weekly Top Ten – 06 October 2025

The SOS Intelligence CVE Chatter Weekly Top Ten – 29 September 2025

The SOS Intelligence CVE Chatter Weekly Top Ten – 22 September 2025

The SOS Intelligence CVE Chatter Weekly Top Ten – 15 September 2025

Recent Posts

Recent Comments

cve chatter weekly top ten

Recent Posts

Recent Comments