Cisco has patched a serious remote code execution vulnerability (CVE-2026-20045) in its Unified Communications and Webex Calling products, which has been actively exploited in attacks. The flaw allows attackers to gain elevated access on affected systems through crafted HTTP requests. Users are urged to update their software as there are no effective workarounds.

OpenSSL has released updates to address 12 vulnerabilities, including a critical remote code execution flaw. Discovered by Aisle, the issues mainly involve memory safety and parsing errors that could lead to denial of service or exploitation. The most severe flaws affect versions 3.0 to 3.6, particularly in CMS and PKCS#12 handling.

HPE patched a critical vulnerability in OneView Software that allowed remote code execution, rated CVSS 10.0. All versions prior to 11.00 are affected, and a hotfix is available for versions 5.20 to 10.20. Users should apply the patches promptly to ensure security.

A high-severity path traversal vulnerability was found in Docker Compose's support for OCI artifacts, allowing attackers to write arbitrary files on the host system. This flaw could be triggered by running commands like "docker compose ps" with malicious Compose files, potentially leading to unauthorized access. Users are urged to upgrade to Docker version v2.40.2 or later to mitigate the issue.

A high-severity flaw in the node-forge JavaScript library allows attackers to bypass signature verifications by exploiting its ASN.1 validation mechanism. The issue affects versions 1.3.1 and earlier, and a fix has been released in version 1.3.2. Developers are urged to update immediately to prevent potential security risks.

Fortinet confirmed that a December patch failed to fully secure its FortiCloud single sign-on system, allowing attackers to access devices with the supposed fix. New attack methods have been identified, prompting Fortinet to investigate further and advise customers to monitor for unusual login activity.

A serious vulnerability in Firefox, identified as CVE-2025-13016, could have allowed attackers to execute arbitrary code on users' devices. The flaw stemmed from a coding error in the browser's WebAssembly engine, affecting versions 143 to early 145. Mozilla quickly addressed the issue with a patch released on November 11, 2025.

Redis has issued a security advisory for a critical use-after-free vulnerability that allows attackers to execute remote code via Lua scripting. This affects older versions of Redis and Valkey, enabling potential data theft and system compromise. Users are urged to upgrade to patched versions immediately.

A serious vulnerability (CVE-2025-34352) in the JumpCloud Remote Assist for Windows allows low-privileged users to exploit insecure file operations, leading to local privilege escalation or denial of service. Users must upgrade to version 0.317.0 or later to fix the issue, as the flaw could enable attackers to gain full control over affected systems.

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress has a serious vulnerability that lets subscribers access any file on the server, risking exposure of sensitive information. Versions 4.23.81 and earlier are affected, but a patch was released shortly after the issue was reported. Users are advised to update their plugin to avoid potential attacks.

Ivanti alerted customers to a critical vulnerability in its Endpoint Manager software that allows attackers to execute remote code via cross-site scripting. While the flaw requires user interaction, many instances of Ivanti EPM are exposed online, raising security concerns. Ivanti has released a patch to fix the issue.

The React2Shell vulnerability (CVE-2025-55182) allows remote attackers to execute arbitrary code on vulnerable React and Next.js servers, often without authentication. Immediate upgrades to fixed package versions are essential to mitigate the risks posed by this critical flaw.

A security vulnerability was discovered in NVIDIA's GPU drivers, affecting various operating systems and software configurations. An incomplete patch released by NVIDIA has led to ongoing risks for users, prompting the need for further updates to fully address the security issues. Experts recommend that users remain vigilant and apply additional security measures until a complete fix is implemented.

A vulnerability in VMware Tools has been patched, allowing the open-vm-tools community to implement a security fix for previous releases. Broadcom also announced a significant security flaw in VMware Aria Automation that could allow malicious actors to steal user access tokens through crafted URLs.

A vulnerability in the Ollama Desktop application allowed drive-by attacks that could enable attackers to spy on local chats and manipulate AI models via a malicious website. Discovered by Chris Moberly and patched shortly after reporting, the flaw stemmed from insufficient cross-origin controls in the app's GUI. Users are urged to update to the latest version to mitigate the risk of exploitation.

Click Studios has urged users of its Passwordstate password manager to promptly update to version 9.9 Build 9972 due to a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access to the administration section via a crafted URL. The company recommends implementing a temporary workaround while users transition to the latest version.

Plex has issued an urgent warning for users to update their Media Server software to version 1.42.1.10060 due to a newly identified security vulnerability tracked as CVE-2025-34158. The flaw affects versions 1.41.7.x to 1.42.0.x, and while details of the vulnerability have not been disclosed, users are advised to patch immediately to prevent potential exploitation.

SolarWinds has released a patch to address a critical vulnerability in its Web Help Desk software that was being actively exploited. The flaw allowed attackers to bypass authentication and gain unauthorized access to the system, prompting urgent action from the company to ensure user security. Users are advised to update their software immediately to mitigate potential risks.

Cisco has announced a critical vulnerability, tracked as CVE-2025-20337, in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that allows unauthenticated remote attackers to gain root access through arbitrary code execution. The vulnerability has a maximum CVSS score of 10, and Cisco has released patches to address it along with related vulnerabilities disclosed in June. Customers are urged to upgrade to the latest software versions to mitigate the risk.

A critical remote vulnerability has been discovered in MCP software, posing significant risks to users. The flaw allows attackers to exploit the system remotely, potentially leading to unauthorized access and data breaches. Immediate updates and patches are recommended to mitigate the threat.

A significant vulnerability in Google's Quick Share feature has been patched, addressing potential risks that could compromise user security. The update reinforces the importance of keeping software up to date to mitigate threats from exploits targeting such functionalities.

Researchers have developed a proof of concept (PoC) for a critical vulnerability in Fortinet's products, identified as CVE-2025-32756. The vulnerability allows for remote code execution, prompting the need for a quick patch to mitigate potential exploits. Users are advised to update their systems promptly to avoid security risks.

A critical vulnerability has been identified in the MCP server that could allow attackers to execute arbitrary code. The flaw poses serious security risks, and users are urged to apply patches and updates to protect their systems from potential exploitation. Cybersecurity experts are advising immediate action to mitigate the risks associated with this vulnerability.