CVE-2025-66802: Critical Remote Code Execution via Image Upload in Covid-19 Contact Tracing System Vulnerabilities AegironJanuary 13, 2026January 13, 202610 mins0 Vulnerability Summary CVE ID: CVE-2025-66802Severity: CriticalCVSS v3.1 Score: 9.8Attack Vector: NetworkPrivileges Required: NoneUser Interaction: NoneExploit Availability: Publicly…continue reading..
CVE-2026-22771: Silent Credential Leakage in Envoy Gateway Leading to Cluster Compromise Vulnerabilities AegironJanuary 13, 2026January 13, 20267 mins0 CVE ID: CVE-2026-22771Affected Component: Envoy GatewaySeverity: HighCVSS Score: 8.8Impact Type: Credential Disclosure → Privilege Escalation → Cluster…continue reading..
CVE-2025-29329: Critical Sagemcom F@st IPP Buffer Overflow Enables Unauthenticated Remote Code Execution Vulnerabilities AegironJanuary 13, 2026January 13, 20268 mins0 Vulnerability Overview CVE ID: CVE-2025-29329Severity: CriticalImpact: Remote Code Execution (RCE)Attack Vector: NetworkAuthentication Required: NoneUser Interaction: NoneExploitability: High…continue reading..
CVE-2026-22785: Critical Code Injection in orval OpenAPI Generation Enables Remote Code Execution Vulnerabilities AegironJanuary 13, 2026January 13, 202611 mins0 CVE: CVE-2026-22785Severity: CriticalCVSS v4.0 Score: 9.3 — Remote, unauthenticated, high impact on code generation workflowsExploitability: High potential…continue reading..
CVE-2026-22794: One-Click Account Takeover via Poisoned Password Reset Links Vulnerabilities AegironJanuary 13, 2026January 13, 202614 mins0 CVE: CVE-2026-22794Severity: CriticalCVSS v3.1: 9.6 (High Impact, Easy to Exploit)Exploitability: High — can be done without authentication;…continue reading..
CVE-2026-22781: Critical TinyWeb CGI Command Injection Enables Remote OS Takeover Vulnerabilities AegironJanuary 13, 2026January 13, 202613 mins0 CVE: CVE-2026-22781Name: TinyWeb CGI OS Command InjectionSeverity: CriticalCVSS Score: 10.0 (highest possible critical severity)Exploitability: Remote, unauthenticated —…continue reading..
CVE-2026-22799: Critical Arbitrary File Upload in Emlog Enables Full Remote Code Execution Vulnerabilities AegironJanuary 13, 2026January 13, 20269 mins0 CVE ID: CVE-2026-22799Affected Product: Emlog (self-hosted blogging / CMS platform)Affected Versions: All versions up to and including…continue reading..
CVE-2026-22252: One Login, One API Call, Full Root Shell – Critical LibreChat Command Execution Flaw Vulnerabilities AegironJanuary 13, 2026January 13, 20269 mins0 CVE ID: CVE-2026-22252Product: LibreChatAffected Component: MCP (Model Context Protocol) – stdio transportSeverity: CriticalCVSS v3.1 Score: 9.1 (Critical)Attack…continue reading..
Hackers Hijacked Apex Legends Game to Control the Inputs of Another Player Remotely CyberSecurity News CyberDefenderJanuary 13, 2026January 13, 20263 mins0 Players of Apex Legends were left stunned after a new hacking incident allowed attackers to remotely take…continue reading..
SAP Security Patch Day January 2026 – Patch for Critical Injection and RCE Vulnerabilities CyberSecurity News CyberDefenderJanuary 13, 2026January 13, 20266 mins0 January 13, 2026 marked SAP’s first Security Patch Day of the year — a scheduled monthly release…continue reading..
