Alexandre Dulaunoy<p>I love the <span class="h-card" translate="no"><a href="https://infosec.exchange/@github" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>github</span></a></span> Security Advisory Database because they actually preserve the data from rejected advisories including the original information and the reason for rejection.</p><p>It’s clearly much more insightful than just having a bare ID marked as "rejected."</p><p>You can easily spot this in vulnerability-lookup: <a href="https://vulnerability.circl.lu/vuln/cve-2025-54371#related" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/cv</span><span class="invisible">e-2025-54371#related</span></a></p><p>Yet another great example of why having diverse sources for vulnerability data matters.</p><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
210active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#cve
5 posts · 3 participants · 0 posts today
Asta McCarthy<p>Gaat lekker in closed source land:<br>Sharepoint: <a href="https://tweakers.net/nieuws/237390/microsoft-drie-chinese-hackersgroepen-misbruiken-sharepoint-kwetsbaarheid.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tweakers.net/nieuws/237390/mic</span><span class="invisible">rosoft-drie-chinese-hackersgroepen-misbruiken-sharepoint-kwetsbaarheid.html</span></a></p><p>Outlook: <a href="https://www.security.nl/posting/897447/Britse+overheid+waarschuwt+voor+malware+die+Outlook-accounts+kaapt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">security.nl/posting/897447/Bri</span><span class="invisible">tse+overheid+waarschuwt+voor+malware+die+Outlook-accounts+kaapt</span></a></p><p>Nog een keer outlook: <a href="https://www.security.nl/posting/875288/Kritiek+Microsoft+Outlook-lek+actief+misbruikt+bij+aanvallen+waarschuwt+VS" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">security.nl/posting/875288/Kri</span><span class="invisible">tiek+Microsoft+Outlook-lek+actief+misbruikt+bij+aanvallen+waarschuwt+VS</span></a></p><p>Citrix: <a href="https://doublepulsar.com/citrixbleed-2-situation-update-everybody-already-got-owned-503c6d06da9f?gi=fb3489155925" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">doublepulsar.com/citrixbleed-2</span><span class="invisible">-situation-update-everybody-already-got-owned-503c6d06da9f?gi=fb3489155925</span></a></p><p>Waarbij die laatste al *twee weken* actief misbruik werd gemaakt van het lek voordat Citrix in beweging kwam. Met dus hele grote gevolgen voor het OM in Nederland: <a href="https://www.nrc.nl/nieuws/2025/07/22/digitale-werkomgeving-om-inderdaad-gehackt-onderzoek-moet-uitwijzen-welke-informatie-is-gestolen-a4901019" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">nrc.nl/nieuws/2025/07/22/digit</span><span class="invisible">ale-werkomgeving-om-inderdaad-gehackt-onderzoek-moet-uitwijzen-welke-informatie-is-gestolen-a4901019</span></a><br> <br>Maar ga vooral door met dit soort proprietary oplossingen vol met gaten die "bedrijfsgeheim" zijn.</p><p><a href="https://mastodon.pirateparty.be/tags/Sharepoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sharepoint</span></a> <a href="https://mastodon.pirateparty.be/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://mastodon.pirateparty.be/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Citrix</span></a> <a href="https://mastodon.pirateparty.be/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.pirateparty.be/tags/gatenkaas" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gatenkaas</span></a> <a href="https://mastodon.pirateparty.be/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.pirateparty.be/tags/DigitaleSoevereiniteit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitaleSoevereiniteit</span></a> <a href="https://mastodon.pirateparty.be/tags/OMlek" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMlek</span></a></p>
CVE Program<p>The Rust Project is now a CVE Numbering Authority (CNA) assigning CVE IDs for repositories, packages, & websites maintained by the Rust Project<br> <a href="https://cve.org/Media/News/item/news/2025/07/22/The-Rust-Project-Added-as-CNA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/07/22/The-Rust-Project-Added-as-CNA</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
CVE Program<p>TCS-CERT is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities related to TCS-CERT’s customers’ environment and vulnerabilities related to research conducted by Cyber Solutions by Thales’ Intrusion and Application Security Team <br> <br><a href="https://cve.org/Media/News/item/news/2025/07/22/TCS-CERT-Added-as-CNA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/07/22/TCS-CERT-Added-as-CNA</span></a> </p><p><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
CVE Program<p>Minutes from the CVE Board teleconference meeting on July 9 are now available <br> <br><a href="https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00283.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mail-archive.com/cve-editorial</span><span class="invisible">-board-list@mitre.org/msg00283.html</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/hssedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hssedi</span></a> <a href="https://mastodon.social/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cisa</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Sector 7<p>Today on our blog we have a guest post from René Ammerlaan about multiple vulnerabilities he found in Ruckus Unleashed. The most impressive part was how he chained some of them together to go from access to the guest WiFi network to RCE on the controller itself!</p><p><a href="https://sector7.computest.nl/post/2025-07-ruckus-unleashed/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">sector7.computest.nl/post/2025</span><span class="invisible">-07-ruckus-unleashed/</span></a></p><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/ruckus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ruckus</span></a></p>
gcve.eu<p>GCVE.eu initiative - introduction and how to become a GNA. Video published.</p><p><a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p>📽️ <a href="https://www.youtube.com/watch?v=Va3almPab1M" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=Va3almPab1</span><span class="invisible">M</span></a></p>
CVE Program<p>1,133 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of July 7, 2025 <br> <br><a href="https://www.cisa.gov/news-events/bulletins/sb25-195" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cisa.gov/news-events/bulletins</span><span class="invisible">/sb25-195</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/CVEID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEID</span></a> <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVSS</span></a> <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CWE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>
Redhotcyber<p>🔥 Ultime CVE critiche emesse? EPSS Score? CISA KEV? Tutto "Online" su Red Hot Cyber! </p><p>Red Hot Cyber ha realizzato una pagina dedicata alle ultime <a href="https://mastodon.bida.im/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> pubblicate all’interno del National Vulnerability Database (<a href="https://mastodon.bida.im/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a>) degli Stati Uniti d'America. Ma c'è di più, cliccando sulla singola vulnerabilità, è possibile in una sola pagina sola vedere il dati del NIST, i dati del FIRST (EPSS score e percentile), i dati del CISA KEV, gli articoli correlati su Red Hot Cyber e le fonti ufficiali dei vendor.</p><p>➡️ Qui trovate il link:<br>🔗 <a href="https://www.redhotcyber.com/red-hot-cyber-servizi/ultime-cve-critiche-emesse/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/red-hot-cyber-</span><span class="invisible">servizi/ultime-cve-critiche-emesse/</span></a></p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/patching" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>patching</span></a> <a href="https://mastodon.bida.im/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.bida.im/tags/nist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nist</span></a> <a href="https://mastodon.bida.im/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a> <a href="https://mastodon.bida.im/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.bida.im/tags/bugdisicurezza" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bugdisicurezza</span></a> <a href="https://mastodon.bida.im/tags/bughunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bughunting</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/cti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cti</span></a> <a href="https://mastodon.bida.im/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a></p>
Paul Chambers🚧<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@bluetea" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bluetea</span></a></span> Also, here is the release: </p><p>🔗 Customer guidance for SharePoint vulnerability CVE-2025-53770<br><a href="https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">msrc.microsoft.com/blog/2025/0</span><span class="invisible">7/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/</span></a></p><p><a href="https://archive.ph/Dlhra" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">archive.ph/Dlhra</span><span class="invisible"></span></a> <a href="https://oldfriends.live/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> <a href="https://oldfriends.live/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://oldfriends.live/tags/Hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hack</span></a> <a href="https://oldfriends.live/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://oldfriends.live/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> </p><p><span class="h-card" translate="no"><a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>funnymonkey</span></a></span></p>
gcve.eu<p>Don't forget to join us today online at 14:00 (Luxembourg local time) for "GCVE.eu initiative - introduction and how to become a GNA" part of the <span class="h-card" translate="no"><a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>circl</span></a></span> Virtual Summer School (VSS) 2025 <br>Details available at: <a href="https://circl.lu/pub/vss-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">circl.lu/pub/vss-2025/</span><span class="invisible"></span></a></p><p><a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/gna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gna</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a></p>
Bill<p>Oracle's July patch had THREE HUNDRED AND NINE SECURITY UPDATES?!! Dafuq?</p><p><a href="https://www.securityweek.com/oracle-patches-200-vulnerabilities-with-july-2025-cpu/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/oracle-patche</span><span class="invisible">s-200-vulnerabilities-with-july-2025-cpu/</span></a></p><p><a href="https://infosec.exchange/tags/oracle" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oracle</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a></p>
knoppix<p>Firmware flaws in 240+ Gigabyte motherboards (2017–2021) could allow stealth malware to bypass Secure Boot and take full control. ⚠️🛡️</p><p>Fixes exist, but nearly half the boards are unsupported due to EOL status—leaving many users exposed. 💻❌<br>Check for updates or consider replacing hardware.</p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@techspot" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>techspot</span></a></span> </p><p><a href="https://www.techspot.com/news/108688-firmware-flaws-over-200-gigabyte-motherboards-could-lead.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">techspot.com/news/108688-firmw</span><span class="invisible">are-flaws-over-200-gigabyte-motherboards-could-lead.html</span></a></p><p><a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/Gigabyte" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gigabyte</span></a> <a href="https://mastodon.social/tags/Firmware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Firmware</span></a> <a href="https://mastodon.social/tags/UEFI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UEFI</span></a> <a href="https://mastodon.social/tags/PCSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PCSecurity</span></a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechNews</span></a> <a href="https://mastodon.social/tags/Vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerabilities</span></a> <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/Motherboard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Motherboard</span></a> <a href="https://mastodon.social/tags/Boot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Boot</span></a> <a href="https://mastodon.social/tags/EOL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EOL</span></a> <a href="https://mastodon.social/tags/Update" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Update</span></a> <a href="https://mastodon.social/tags/Updates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Updates</span></a></p>
TYPO3 CMS<p>As of 15 July 2025, the TYPO3 Association is approved as a CVE Numbering Authority (CNA) by the CVE Program. </p><p>The TYPO3 Security Team can now assign CVE Identifiers for vulnerabilities in TYPO3 CMS and its ecosystem. This ensures TYPO3 security issues are disclosed in a coordinated and consistent way. </p><p>Learn more: <a href="https://t3.ms/cve-bm" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">t3.ms/cve-bm</span><span class="invisible"></span></a> </p><p><a href="https://typo3.social/tags/TYPO3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TYPO3</span></a> <a href="https://typo3.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://typo3.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a></p>
NLnet Labs<p>Unbound 1.23.1 in now available. This security release fixes the Rebirthday Attack CVE-2025-5994.</p><p>The vulnerability re-opens up <a href="https://social.nlnetlabs.nl/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DNS</span></a> resolvers to a birthday paradox, for EDNS client subnet servers that respond with non-ECS answers. The <a href="https://social.nlnetlabs.nl/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> is described here:<br><a href="https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nlnetlabs.nl/downloads/unbound</span><span class="invisible">/CVE-2025-5994.txt</span></a></p><p>We would like to thank Xiang Li (AOSP Lab, Nankai University) for discovering and responsibly disclosing the vulnerability. <br><a href="https://github.com/NLnetLabs/unbound/releases/tag/release-1.23.1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NLnetLabs/unbound/r</span><span class="invisible">eleases/tag/release-1.23.1</span></a></p>
CVE Program<p>The CVE Program is expanding its partnership with CERT@VDE for managing the assignment of <a href="https://mastodon.social/tags/CVEIDs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEIDs</span></a> & publication of <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> Records <br> <br>CERT@VDE is now designated as a Root for organizations that are cooperative partners of <a href="https://infosec.exchange/@certvde" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">infosec.exchange/@certvde</span><span class="invisible"></span></a> <br> <br>Learn more: <br><a href="https://www.cve.org/Media/News/item/blog/2025/07/15/CERTVDE-Is-Now-a-Root-in-the" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cve.org/Media/News/item/blog/2</span><span class="invisible">025/07/15/CERTVDE-Is-Now-a-Root-in-the</span></a></p>
CVE Program<p>TYPO3 is now a CVE Numbering Authority (CNA) assigning CVE IDs for TYPO3 open-source products only, including TYPO3 CMS core & 3rd party extensions for TYPO3 <br> <a href="https://cve.org/Media/News/item/news/2025/07/15/TYPO3-Added-as-CNA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/07/15/TYPO3-Added-as-CNA</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
CVE Program<p>Minutes from the CVE Board teleconference meeting on June 25 are now available <br> <br><a href="https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00277.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mail-archive.com/cve-editorial</span><span class="invisible">-board-list@mitre.org/msg00277.html</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/hssedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hssedi</span></a> <a href="https://mastodon.social/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cisa</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
CVE Program<p>Minutes from the CVE Board teleconference meeting on June 11 are now available <br> <br><a href="https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00279.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mail-archive.com/cve-editorial</span><span class="invisible">-board-list@mitre.org/msg00279.html</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/hssedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hssedi</span></a> <a href="https://mastodon.social/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cisa</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
CVE Program<p>638 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of June 30, 2025 <br> <br><a href="https://www.cisa.gov/news-events/bulletins/sb25-188" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cisa.gov/news-events/bulletins</span><span class="invisible">/sb25-188</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/CVEID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEID</span></a> <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVSS</span></a> <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CWE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload