CVE CyberSecurity Database News

Dec 12, 2025 Exploit

CVE-2025-54369 - Exploiting Node-SAML’s Broken SAML Assertion Handling (with PoC)

Node-SAML is a popular library that brings SAML authentication to Node.js apps—used for letting users log in using their single sign-on identities. But

Dec 10, 2025 Exploit

CVE-2025-5467 - How Apport Crash Reports Can Leak Sensitive Data on Ubuntu Systems

In early 2025, a new vulnerability was found in Apport, the crash reporting tool shipped with Ubuntu and other Canonical-based Linux distributions. Tracked as CVE-2025-5467,

Dec 10, 2025

CVE-2025-67642 - How Jenkins HashiCorp Vault Plugin Leak Lets Attackers Steal Credentials (Explained with Code)

Jenkins is a widely used automation tool in the DevOps world, often extended with plugins that help teams speed up development. One of these plugins,

Dec 9, 2025 Microsoft Exploit

CVE-2025-64667 - UI Misrepresentation in Microsoft Exchange Server Leads to Critical Spoofing Attack

--- *Published: July 2024* When running a secure email environment, Microsoft Exchange Server is the backbone for many organizations. But recently, a new vulnerability—CVE-2025-64667—

Dec 9, 2025 Exploit

CVE-2025-33214 - Critical Deserialization Vulnerability in NVIDIA NVTabular for Linux – How Attackers Can Execute Code, Steal Data, or Crash Your Workflows

--- In June 2025, a new high-severity security flaw, CVE-2025-33214, was uncovered in NVIDIA’s NVTabular for Linux. This article delivers an exclusive, simplified breakdown