CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals

Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a...

CVE-2024-46765

...

CVE-2024-46765

In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in icexdp is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same...

Vulnerability of microprogramming software for Intel processors, allowing attackers to enhance their privileges or cause system failures

The vulnerability of Intel microprogramming software is related to errors in the processing of UEFI variables. Exploiting this vulnerability can allow an attacker to enhance their privileges or cause system failures by disabling system configuration protection...

Configuration Bypass During S3 Resume

Summary: System firmware of certain products does not completely protect platform configuration data. Description: During resume from sleep, system firmware needs to reinitialize hardware to a secured configuration. In order to protect against malware that has already compromised an OS, firmware...