Vulnerabilities
-
Report finds DLL side-loading attack using GitKraken ahost.exe spreads trojans and stealers
A Trellix report says attackers exploit DLL side-loading in a utility tied to the c-ares library to deliver multiple trojans and stealers to employees in commercial and industrial sectors using invoice themed lures in several languages.
-
CISA Adds Gogs Path Traversal CVE-2025-8110 to Known Exploited Vulnerabilities Catalog
CISA added CVE-2025-8110, a high severity Gogs path traversal that can enable code execution, to its Known Exploited Vulnerabilities catalog on January 12 2026. About 1,600 exposed instances exist with several hundred compromised.
-
OpenCode vulnerability allowed unauthenticated code execution on users machines
An independent disclosure found OpenCode started an unauthenticated local HTTP server that allowed connected clients to execute arbitrary code. Update to v1.1.10 or newer and check server settings to reduce exposure.
-
Critical RCE and two DoS flaws patched in Apex Central on-premise
Trend Micro issued updates for Apex Central on-premise after a Tenable technical analysis detailed CVE-2025-69258, a critical RCE with CVSS 9.8, and two DoS flaws that can be triggered via MsgReceiver.exe on TCP port 20001.
-
CISA retires 10 Emergency Directives issued 2019 to 2024
CISA is retiring 10 Emergency Directives issued from 2019 through 2024 after required actions were implemented or enforcement moved to Binding Operational Directive 22-01. The closed directives include SolarWinds and Exchange mitigation orders.
-
Cisco issues updates for ISE XML parsing flaw CVE-2026-20029 and Snort 3 bugs
Cisco issued updates on Jan 8, 2026 to fix a medium severity XML parsing flaw in Identity Services Engine CVE-2026-20029 with a public proof of concept. The company also patched two Snort 3 DCE/RPC vulnerabilities.
-
Command injection in legacy D-Link DSL routers tracked as CVE-2026-0625 and actively exploited
A security advisory warns of an active command injection vulnerability, CVE-2026-0625, in several end-of-life D-Link DSL routers. Vendors recommend retiring affected models and replacing them with supported devices.
-
Unpatched TOTOLINK EX200 firmware flaw can start unauthenticated root telnet
A CERT/CC advisory disclosed CVE-2025-65606 in the TOTOLINK EX200 that can trigger an unauthenticated root telnet service. The vendor has not issued a patch and the product appears unsupported.
-
Critical path traversal in @adonisjs/bodyparser allows arbitrary file writes
A critical path traversal in the @adonisjs/bodyparser npm package tracked as CVE-2026-21440 with CVSS 9.2 can permit arbitrary file writes. Patches are available in versions 10.1.2 and 11.0.0-next.6
-
Critical n8n flaw CVE-2025-68668 allows authenticated command execution on host
A critical sandbox bypass in the n8n Python Code Node, tracked as CVE-2025-68668 and rated CVSS 9.9, allows authenticated workflow authors to execute OS commands on hosts. The issue is fixed in n8n 2.0.0.
