Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3059 matches found

CVE
CVEadded 2025/12/09 5:56 p.m.34 views

CVE-2025-54100

CVE-2025-54100 is a PowerShell RCE vulnerability tied to improper neutralization during MSHTML-based HTML parsing when Invoke-WebRequest is used without -UseBasicParsing. Affected: Windows PowerShell 5.1 on Windows 10/11 and Windows Server 2008–2025; attack is locally exploitable with user intera...

7.8CVSS7AI score0.00156EPSS
Exploits5References3Affected Software14
The Hacker News
The Hacker Newsadded 2025/12/09 1:37 p.m.9 views

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless PowerShell execution to facilitate ransomware attacks. "These methods allow them to bypass defense...

7.3AI score
Exploits0
Talos Blog
Talos Blogadded 2025/12/09 11:0 a.m.14 views

New BYOVD loader behind DeadLock ransomware attack

While tracking ransomware activities, Cisco Talos uncovered new tactics, techniques, and procedures TTPs linked to a financially motivated threat actor targeting victims with DeadLock ransomware. The actor used the Bring Your Own Vulnerable Driver BYOVD technique with a previously unknown loader ...

3.8CVSS8.7AI score0.00018EPSS
Exploits1
The Hacker News
The Hacker Newsadded 2025/12/09 9:35 a.m.3 views

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 intrusions linked to the threat actor between February 2024 and August 2025. The campaign is...

6.7AI score
Exploits0
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.13 views

December 9, 2025—KB5071546 (OS Builds 19045.6691 and 19044.6691)

December 9, 2025—KB5071546 OS Builds 19045.6691 and 19044.6691 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot secure...

8.8CVSS7.9AI score0.02094EPSS
Exploits7
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.85 views

December 9, 2025—KB5071543 (OS Build 14393.8688)

December 9, 2025—KB5071543 OS Build 14393.8688 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not update...

8.8CVSS6.3AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.12 views

December 9, 2025—KB5071504 (Monthly Rollup)

December 9, 2025—KB5071504 Monthly Rollup Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in...

8.8CVSS6.4AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.15 views

KB5074353: Security Update for Windows PowerShell (OS Build 20348.4467)

KB5074353: Security Update for Windows PowerShell OS Build 20348.4467 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows Server 2022, see the update history page for Windows Server 2022.Be sure to...

7.8CVSS7.1AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.15 views

December 9, 2025—KB5071547 (OS Build 20348.4529)

December 9, 2025—KB5071547 OS Build 20348.4529 This cumulative update for Windows Server 2022 KB5071547, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

8.8CVSS7.4AI score0.02094EPSS
Exploits7
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.11 views

December 9, 2025—KB5071542 (OS Build 25398.2025)

December 9, 2025—KB5071542 OS Build 25398.2025 This cumulative update for Windows Server, version 23H2 KB5071542, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security...

8.8CVSS7.4AI score0.02094EPSS
Exploits7
Microsoft CVE
Microsoft CVEadded 2025/12/09 8:0 a.m.10 views

PowerShell Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Windows PowerShell allows an unauthorized attacker to execute code locally...

7.8CVSS7.5AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.9 views

December 9, 2025—KB5071507 (Security-only update)

December 9, 2025—KB5071507 Security-only update Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updat...

8.8CVSS6.4AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.13 views

December 9, 2025—KB5071544 (OS Build 17763.8146)

December 9, 2025—KB5071544 OS Build 17763.8146 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not update...

8.8CVSS7.4AI score0.02094EPSS
Exploits7
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.16 views

KB5074204: Security Update for Windows PowerShell (OS Builds 26100.7392 and 26200.7392)

KB5074204: Security Update for Windows PowerShell OS Builds 26100.7392 and 26200.7392 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows 11, see the update history pages for Windows 11, version 24H2 a...

7.8CVSS7AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.40 views

December 9, 2025—KB5071501 (Monthly Rollup)

December 9, 2025—KB5071501 Monthly Rollup Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in...

8.8CVSS6.4AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.11 views

December 9, 2025—KB5071506 (Security-only update)

December 9, 2025—KB5071506 Security-only update Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updat...

8.8CVSS6.4AI score0.00156EPSS
Exploits5
Microsoft KB
Microsoft KBadded 2025/12/09 8:0 a.m.33 views

October 14, 2025—KB5066782 (OS Build 20348.4294)

October 14, 2025—KB5066782 OS Build 20348.4294 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not update...

9.9CVSS9AI score0.04972EPSS
Exploits6
Kaspersky
Kasperskyadded 2025/12/09 12:0 a.m.7 views

KLA90811 Multiple vulnerabilities in Microsoft Product (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, spoof user interface, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a...

8.8CVSS9.4AI score0.00156EPSS
Exploits5References35
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.2 views

PT-2025-50150

Name of the Vulnerable Software and Affected Versions Microsoft Windows PowerShell versions prior to December 17, 2025 Description The issue is a command injection flaw in Windows PowerShell that allows an unauthorized attacker to execute code locally. The flaw stems from improper neutralization ...

7.8CVSS8.3AI score0.00156EPSS
Exploits5References43
Kaspersky
Kasperskyadded 2025/12/09 12:0 a.m.7 views

KLA90812 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote cod...

8.8CVSS10AI score0.02094EPSS
Exploits7References76
Rows per page
Query Builder