Technical details of a high-severity flaw in Cisco IOS XE WLC, identified as CVE-2025-20188, have been released, allowing potential exploitation by attackers. The vulnerability stems from a hard-coded JWT that enables unauthenticated file uploads and command execution on affected devices. Users are urged to upgrade to patched versions or disable the vulnerable feature immediately to mitigate risks.

A newly discovered vulnerability in the Cursors component of Microsoft Windows allows hackers to execute arbitrary code on affected systems. This flaw, identified as CVE-2023-38831, can be exploited through specially crafted files, prompting urgent updates from Microsoft to mitigate potential attacks. Users are advised to patch their systems to safeguard against this security threat.