CVE-2025-15029 — Centreon Infra Monitoring (Awie Export) || CVE-2025-15026 — Centreon Infra Monitoring (Awie Import) Threat Advisories CyberDefenderJanuary 6, 2026January 6, 20264 mins0 CVE-2025-15029 — Centreon Infra Monitoring (Awie Export) Severity: CriticalVulnerability Type: Unauthenticated SQL Injection (CWE-89)Impact: Database compromise (data…continue reading..
CVE-2026-21439: badkeys Output Injection Allows Terminal Manipulation and CI/Audit Misrepresentation Vulnerabilities AegironJanuary 6, 2026January 6, 20268 mins0 Executive Summary (At a Glance) What Is the Vulnerability? This vulnerability occurs because badkeys prints user-supplied data…continue reading..
CVE-2026-21675: Critical iccDEV Memory Corruption Flaw Enables Malicious ICC Profiles to Compromise Image Pipelines Vulnerabilities AegironJanuary 6, 2026January 6, 20268 mins0 CVE ID: CVE-2026-21675Affected component: iccDEV (ICC Color Management Development Kit)Affected versions: iccDEV ≤ 2.3.1Fixed version: 2.3.1.1Vulnerability type:…continue reading..
CVE-2025-14346 – Critical Bluetooth Vulnerability in WHILL Wheelchairs Vulnerabilities CyberDefenderJanuary 6, 2026January 6, 20262 mins0 Affected Products Severity Vulnerability Description Impact Mitigations & Fixes Vendor / Firmware UpdatesWHILL issued mitigations (rolled out…continue reading..
CVE-2025-55204 – One-Click Remote Code Execution in Muffon Threat Advisories CyberDefenderJanuary 6, 2026January 6, 20263 mins0 Severity: Critical / High (CVSS 3.1 8.8)Product: muffon — a cross-platform desktop music streaming client Affected Versions:…continue reading..
AIOHTTP Under Siege — High-Risk CVEs Expose Async Servers Vulnerabilities AegironJanuary 6, 2026January 6, 202610 mins0 Product: AIOHTTP AIOHTTP is a Python-based asynchronous HTTP framework built on top of the asyncio event loop.…continue reading..
Critical Security Exposure in Coolify: Multiple Vulnerabilities Enabling Full Host Compromise Vulnerabilities AegironJanuary 6, 2026January 6, 20269 mins0 Product Overview Product Name: CoolifyCategory: Self-hosted Platform-as-a-Service (PaaS)Architecture: Web application + privileged backend services + Docker host…continue reading..
Critical iccDEV Vulnerabilities Expose Image Pipelines to High-Risk Attacks – Patch Immediately Vulnerabilities AegironJanuary 6, 2026January 6, 20268 mins0 Product: iccDEV iccDEV is a color profile processing library commonly embedded in image pipelines, document converters, print…continue reading..
CVE-2026-21449 & CVE-2026-21450: Bagisto Template Injection Flaws Expose Servers to Full Compromise Vulnerabilities AegironJanuary 6, 2026January 6, 20268 mins0 Product: BagistoAffected versions: All versions prior to 2.3.10Vulnerability type: Server-Side Template Injection (SSTI)Impact: Remote Code Execution (RCE)Severity:…continue reading..
CVE-2026-0625: Unauthenticated RCE in D-Link DSL Gateways via dnscfg.cgi Vulnerabilities AegironJanuary 6, 2026January 6, 202610 mins0 D-Link DSL Gateways — Unauthenticated Command Injection in dnscfg.cgi CVE ID: CVE-2026-0625Affected Products: D-Link DSL Series GatewaysVulnerability…continue reading..
