CVE-2025-32432 – 0day Craft CMS discovered by Orange Cyberdefense
Orange Cyberdefense (OCD) has discovered a critical vulnerability (CVE-2025-32432) in the Craft CMS software. OCD has approached us to work in partnership to identify…
Symlink backdoor on Fortinet SSL-VPN devices
ShadowServer has discovered more than 17,000 Fortinet SSL VPNs compromised by what’s known as the symlink backdoor. We…
New critical vulnerabilities in GLPI: CVE-2025-24799 and CVE-2025-24801
Two vulnerabilities in the IT asset management tool GLPI have been published under the heading “Pre-authentication SQL injection…
CVE-2025-24799 & CVE-2025-24801
The vulnerabilities identified as CVE-2025-24799 and CVE-2025-24801 affect GLPI, an open-source IT asset management tool. These vulnerabilities allow…
LeMagIT – GLPI: 680 instances in France affected by two serious vulnerabilities
[..] The ONYPHE attack surface management platform has just added support for detecting GLPI vulnerabilities CVE-2025-24799 and CVE-2025-24801….
March 2025 – Network Vulnerabilities Situation Report
Over the past three years, the number of critical vulnerabilities affecting network equipment has increased significantly. Firewalls, routers,…
CVE-2024-55591
CVE-2024-55591 is a critical privilege escalation vulnerability affecting FortiOS versions 7.0.0 through 7.0.16 and FortiProxy versions 7.0.0 through…
Retrospective 2024 and Roadmap 2025
Written on 2025/01/31. First of all, we wish you and your loved ones a wonderful year in 2025….
Detecting cups vulnerabilities while staying ethical
As you have probably seen by now, @evilsocket published an amazing blog on vulnerabilities in CUPS. If you’ve…