Vulnerability - Rankiteo Blog (Page 29)

IBM

public – 2 min read

The incident involves a 403 Forbidden error, indicating unauthorized or restricted access to an IBM web resource. While the error…

Jan 12, 2026

Jeremy C

CloudLinux

public – 3 min read

A critical Remote Code Execution (RCE) vulnerability (CVSS 8.2) was discovered in Imunify360 AV (AI-Bolit) before v32.7.4.…

Jan 12, 2026

Jeremy C

OpenAI

public – 3 min read

Security researchers exploited cross-modal vulnerabilities in OpenAI’s Sora 2 a cutting-edge multimodal AI model for video generation to extract…

Jan 12, 2026

Jeremy C

Louvre Museum

public – 2 min read

A series of security audits spanning from 2014 to recent years exposed severe cybersecurity vulnerabilities at the Louvre Museum, France’…

Jan 12, 2026

Jeremy C

Samsung

public – 3 min read

The LANDFALL spyware campaign exploited a zero-day vulnerability (CVE-2025-21042) in Samsung’s Android image processing library, targeting Galaxy devices (S22,…

Jan 12, 2026

Jeremy C

Broadcom (VMware)

public – 4 min read

The CVE-2025-41244 vulnerability in VMware Aria Operations and VMware Tools (with SDMP enabled) was exploited by the Chinese state-sponsored group…

Jan 12, 2026

Jeremy C

GitHub (Microsoft)

public – 3 min read

GitHub’s Copilot Chat, an AI-powered coding assistant, was found vulnerable to a critical flaw named CamoLeak (CVSS 9.6)…

Jan 12, 2026

Jeremy C

WatchGuard Technologies

public – 4 min read

WatchGuard disclosed CVE-2025-9242, a critical remote code execution (RCE) vulnerability in its Firebox firewalls due to an out-of-bounds write flaw…

Jan 12, 2026

Jeremy C

Libraesva

public – 2 min read

Suspected state-sponsored attackers exploited a zero-day command injection vulnerability (CVE-2025-59689) in Libraesva Email Security Gateway (ESG), versions 4.5 to…

Jan 12, 2026

Jeremy C

Unnamed Federal Civilian Executive Branch Agency (as per CISA advisory)

public – 3 min read

A federal agency suffered a cyber intrusion in July 2024 due to unpatched vulnerabilities (CVE-2024-36401) in its public-facing GeoServer, exploited…

Jan 12, 2026

Jeremy C

Pudu Robotics

public – 3 min read

Researchers uncovered critical API authentication vulnerabilities in Pudu Robotics’ entire fleet of service robots (BellaBot, KettyBot, PuduBot, etc.), deployed globally…

Jan 12, 2026

Jeremy C

SMA Solar Technology AG

public – 3 min read

Threat actors have identified a critical exposure in SMA’s deprecated Sunny WebBox devices, which remain widely internet-exposed despite being…

Jan 12, 2026

Jeremy C