Cisco has patched a serious remote code execution vulnerability (CVE-2026-20045) in its Unified Communications and Webex Calling products, which has been actively exploited in attacks. The flaw allows attackers to gain elevated access on affected systems through crafted HTTP requests. Users are urged to update their software as there are no effective workarounds.

HPE patched a critical vulnerability in OneView Software that allowed remote code execution, rated CVSS 10.0. All versions prior to 11.00 are affected, and a hotfix is available for versions 5.20 to 10.20. Users should apply the patches promptly to ensure security.

A high-severity path traversal vulnerability was found in Docker Compose's support for OCI artifacts, allowing attackers to write arbitrary files on the host system. This flaw could be triggered by running commands like "docker compose ps" with malicious Compose files, potentially leading to unauthorized access. Users are urged to upgrade to Docker version v2.40.2 or later to mitigate the issue.

A high-severity flaw in the node-forge JavaScript library allows attackers to bypass signature verifications by exploiting its ASN.1 validation mechanism. The issue affects versions 1.3.1 and earlier, and a fix has been released in version 1.3.2. Developers are urged to update immediately to prevent potential security risks.

Fortinet confirmed that a December patch failed to fully secure its FortiCloud single sign-on system, allowing attackers to access devices with the supposed fix. New attack methods have been identified, prompting Fortinet to investigate further and advise customers to monitor for unusual login activity.

A serious vulnerability in Firefox, identified as CVE-2025-13016, could have allowed attackers to execute arbitrary code on users' devices. The flaw stemmed from a coding error in the browser's WebAssembly engine, affecting versions 143 to early 145. Mozilla quickly addressed the issue with a patch released on November 11, 2025.

Redis has issued a security advisory for a critical use-after-free vulnerability that allows attackers to execute remote code via Lua scripting. This affects older versions of Redis and Valkey, enabling potential data theft and system compromise. Users are urged to upgrade to patched versions immediately.

Palo Alto Networks has released patches for a high-severity denial-of-service vulnerability (CVE-2026-0227) affecting its PAN-OS firewalls, particularly those using the GlobalProtect gateway. If left unpatched, attackers could trigger maintenance mode, potentially disrupting network availability. Most Prisma Access customers are already patched, but some PAN-OS NGFW users will need to apply the fix manually.

A serious vulnerability (CVE-2025-34352) in the JumpCloud Remote Assist for Windows allows low-privileged users to exploit insecure file operations, leading to local privilege escalation or denial of service. Users must upgrade to version 0.317.0 or later to fix the issue, as the flaw could enable attackers to gain full control over affected systems.

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress has a serious vulnerability that lets subscribers access any file on the server, risking exposure of sensitive information. Versions 4.23.81 and earlier are affected, but a patch was released shortly after the issue was reported. Users are advised to update their plugin to avoid potential attacks.

The React2Shell vulnerability (CVE-2025-55182) allows remote attackers to execute arbitrary code on vulnerable React and Next.js servers, often without authentication. Immediate upgrades to fixed package versions are essential to mitigate the risks posed by this critical flaw.

Ivanti alerted customers to a critical vulnerability in its Endpoint Manager software that allows attackers to execute remote code via cross-site scripting. While the flaw requires user interaction, many instances of Ivanti EPM are exposed online, raising security concerns. Ivanti has released a patch to fix the issue.

A security vulnerability was discovered in NVIDIA's GPU drivers, affecting various operating systems and software configurations. An incomplete patch released by NVIDIA has led to ongoing risks for users, prompting the need for further updates to fully address the security issues. Experts recommend that users remain vigilant and apply additional security measures until a complete fix is implemented.

A vulnerability in VMware Tools has been patched, allowing the open-vm-tools community to implement a security fix for previous releases. Broadcom also announced a significant security flaw in VMware Aria Automation that could allow malicious actors to steal user access tokens through crafted URLs.

A critical vulnerability known as "Happy Dom" has been identified, affecting various systems and applications due to improper handling of user input. Exploitation of this vulnerability could lead to unauthorized access and data breaches, prompting urgent updates and patches from developers to secure affected systems.

A vulnerability in the Ollama Desktop application allowed drive-by attacks that could enable attackers to spy on local chats and manipulate AI models via a malicious website. Discovered by Chris Moberly and patched shortly after reporting, the flaw stemmed from insufficient cross-origin controls in the app's GUI. Users are urged to update to the latest version to mitigate the risk of exploitation.

Click Studios has urged users of its Passwordstate password manager to promptly update to version 9.9 Build 9972 due to a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access to the administration section via a crafted URL. The company recommends implementing a temporary workaround while users transition to the latest version.

Plex has issued an urgent warning for users to update their Media Server software to version 1.42.1.10060 due to a newly identified security vulnerability tracked as CVE-2025-34158. The flaw affects versions 1.41.7.x to 1.42.0.x, and while details of the vulnerability have not been disclosed, users are advised to patch immediately to prevent potential exploitation.

SolarWinds has released a patch to address a critical vulnerability in its Web Help Desk software that was being actively exploited. The flaw allowed attackers to bypass authentication and gain unauthorized access to the system, prompting urgent action from the company to ensure user security. Users are advised to update their software immediately to mitigate potential risks.

Cisco has announced a critical vulnerability, tracked as CVE-2025-20337, in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that allows unauthenticated remote attackers to gain root access through arbitrary code execution. The vulnerability has a maximum CVSS score of 10, and Cisco has released patches to address it along with related vulnerabilities disclosed in June. Customers are urged to upgrade to the latest software versions to mitigate the risk.

A critical remote vulnerability has been discovered in MCP software, posing significant risks to users. The flaw allows attackers to exploit the system remotely, potentially leading to unauthorized access and data breaches. Immediate updates and patches are recommended to mitigate the threat.

A significant vulnerability in Google's Quick Share feature has been patched, addressing potential risks that could compromise user security. The update reinforces the importance of keeping software up to date to mitigate threats from exploits targeting such functionalities.

Cisco has addressed a critical security vulnerability (CVE-2025-20309) in its Unified Communications Manager software, which allowed unauthenticated remote access due to static root account credentials that cannot be changed or deleted. The flaw was discovered during internal testing, and affected users are advised to update their systems or apply a provided patch, as exploitation indicators have been identified in system logs.

Researchers have developed a proof of concept (PoC) for a critical vulnerability in Fortinet's products, identified as CVE-2025-32756. The vulnerability allows for remote code execution, prompting the need for a quick patch to mitigate potential exploits. Users are advised to update their systems promptly to avoid security risks.

A critical vulnerability has been identified in the MCP server that could allow attackers to execute arbitrary code. The flaw poses serious security risks, and users are urged to apply patches and updates to protect their systems from potential exploitation. Cybersecurity experts are advising immediate action to mitigate the risks associated with this vulnerability.