CVE Feed
- CVE-2025-13181 – pojoin h3blog add cross site scripting November 14, 2025
- CVE-2025-13033 – Nodemailer: nodemailer: email to an unintended domain can occur due to interpretation conflict November 14, 2025
- CVE-2025-13180 – Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System edit_profile cross site scripting November 14, 2025
- CVE-2025-13179 – Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System cross-site request forgery November 14, 2025
- CVE-2025-63291 – Alteryx MongoDB Object ID Authorization Bypass November 14, 2025
- CVE-2025-63680 – Nero BackItUp ShellExecuteW Path Traversal Vulnerability November 14, 2025
- CVE-2025-13178 – Bdtask/CodeCanyon SalesERP User Profile edit_profile cross site scripting November 14, 2025
- CVE-2025-13174 – rachelos WeRSS we-mp-rss Webhook mps.py do_job server-side request forgery November 14, 2025
- CVE-2025-13177 – Bdtask/CodeCanyon SalesERP cross-site request forgery November 14, 2025
- CVE-2025-12187 – Apache HTTP Server Remote Code Execution Vulnerability November 14, 2025
- CVE-2025-63725 – SVX Portal Reflected Cross-Site Scripting (XSS) November 14, 2025
- CVE-2025-63830 – CKFinder SVG XSS November 14, 2025
- CVE-2025-63724 – SVX Portal SQL Injection Vulnerability November 14, 2025
- CVE-2025-54348 – Desktop Alert PingAlert Stored XSS November 14, 2025
- CVE-2025-54559 – Desktop Alert PingAlert Remote Path Traversal November 14, 2025
- CVE-2025-54560 – Desktop Alert PingAlert SSRF November 14, 2025
- CVE-2025-54561 – Desktop Alert PingAlert Incorrect Access Control Vulnerability November 14, 2025
- CVE-2025-54562 – Desktop Alert PingAlert Information Disclosure November 14, 2025
- CVE-2025-54339 – Desktop Alert PingAlert Remote Access Control Bypass November 14, 2025
Microsoft Security
- ​​Securing our future: November 2025 progress report on Microsoft’s Secure Future Initiative ​​ November 10, 2025When we launched the Secure Future Initiative, our mission was clear: accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future. Today, we’re sharing our latest progress report that reflects steady progress in every area and engineering pillar, underscoring our commitment to security above all else. The post ​​Securing our future: November […]Charlie Bell
- ​​Whisper Leak: A novel side-channel attack on remote language models November 7, 2025Microsoft has discovered a side-channel attack on language models which allows adversaries to conclude model conversation topics, despite being encrypted. The post ​​Whisper Leak: A novel side-channel attack on remote language models appeared first on Microsoft Security Blog.Microsoft Defender Security Research Team, Jonathan Bar Or and Geoff McDonald
- New IDC research highlights a major cloud security shift November 6, 2025New IDC research shows why CISOs must move toward AI-powered, integrated platforms like CNAPP, XDR, and SIEM to reduce risk, cut complexity, and strengthen resilience. The post New IDC research highlights a major cloud security shift appeared first on Microsoft Security Blog.Microsoft Security Team
- ​​Securing critical infrastructure: Why Europe’s risk-based regulations matter November 5, 2025Learn how CISOs can use new European Union legislation to strengthen their cybersecurity measures. The post ​​Securing critical infrastructure: Why Europe’s risk-based regulations matter appeared first on Microsoft Security Blog.Freddy Dezeure
- ​​Learn what generative AI can do for your security operations center November 4, 2025This new e-book showcases what generative AI can do for your SOC, from reducing alert fatigue and enabling quicker triage to getting ahead of cyberattacks with proactive threat hunting, and more. The post ​​Learn what generative AI can do for your security operations center appeared first on Microsoft Security Blog.Rob Lefferts