CVE-2026-22688: Critical WeKnora MCP stdio Command Injection Enabling Remote System Takeover Vulnerabilities AegironJanuary 11, 2026January 11, 20268 mins0 Vulnerability Identifier CVE ID: CVE-2026-22688 Vulnerability Type Command Injection (OS Command Execution)CWE: CWE-78 – Improper Neutralization of…continue reading..
CVE-2025-62235 & CVE-2025-53470: Silent BLE Trust Hijack and Memory Disclosure in Apache NimBLE Vulnerabilities AegironJanuary 11, 2026January 11, 20269 mins0 Apache NimBLE is a lightweight Bluetooth Low Energy (BLE) stack widely used in embedded and IoT environments.…continue reading..
CVE-2025-65091: Critical XWiki Full Calendar Macro SQL Injection Allowing Unauthenticated Database Access & Denial-of-Service Vulnerabilities AegironJanuary 11, 2026January 11, 20269 mins0 Vulnerability Overview (At a Glance) CVE ID: CVE-2025-65091Product: XWiki – Full Calendar (macro-fullcalendar)Affected Component: Calendar.JSONServiceVulnerability Type: SQL…continue reading..
MuddyWater Deploys RustyWater RAT via Spear-Phishing Campaigns Across Middle East Sectors CyberSecurity News CyberDefenderJanuary 11, 2026January 11, 20263 mins0 MuddyWater has launched a new remote access trojan (RAT) dubbed RustyWater, deploying it through targeted spear-phishing campaigns…continue reading..
CVE-2025-14598: Critical SQL Injection in BeeS BET Portal Enabling Full Database Takeover & Potential Server Compromise Vulnerabilities AegironJanuary 10, 2026January 10, 20268 mins0 CVE-2025-14598 – BeeS BET Portal Vulnerability Type: SQL InjectionAffected Component: BeeS BET (BET e-Portal) – Authentication /…continue reading..
CVE-2025-7072: Hardcoded Root Credentials Expose KAON CG3000 Routers to Full Remote Takeover Vulnerabilities AegironJanuary 10, 2026January 10, 20267 mins0 Executive Summary What Is the Vulnerability? CVE-2025-7072 is caused by hardcoded root credentials embedded directly in the…continue reading..
CVE-2025-69426 & CVE-2025-69425: Critical Design Flaws Enable Remote, Persistent, Root-Level Control of Ruckus vRIoT Vulnerabilities AegironJanuary 10, 2026January 10, 20268 mins0 Ruckus vRIoT Remote Compromise Vulnerabilities Vendor: Ruckus NetworksProduct: Ruckus vRIoTAffected Area: Management plane and privileged backend servicesRisk…continue reading..
CVE-2025-69542: Critical Root-Level RCE in D-Link DIR-895L via DHCP Command Injection Vulnerabilities AegironJanuary 10, 2026January 10, 20267 mins0 CVE ID: CVE-2025-69542Affected Product: D-Link DIR-895L (All firmware versions prior to patched release)Vulnerability Type: DHCP Command InjectionAttack…continue reading..
CVE-2025-70161: Zero-Auth Remote Code Execution Exposes EDIMAX BR-6208AC Routers to Complete Compromise Vulnerabilities AegironJanuary 10, 2026January 10, 20269 mins0 Vulnerability Overview (At a Glance) CVE Name: EDIMAX BR-6208AC Unauthenticated Command InjectionCVE ID: CVE-2025-70161Affected Device: EDIMAX BR-6208AC…continue reading..
CVE-2025-67070: One Request to Rule Them All — MFA Bypass in Intelbras NVD 9032 Enables Full Remote Admin Takeover Vulnerabilities AegironJanuary 10, 2026January 10, 20268 mins0 Affected Product: Intelbras CFTV IP NVD 9032Vendor: IntelbrasVulnerability Class: Authentication Bypass / MFA BypassImpact: Full Administrator Account…continue reading..
