Technology ❯ Cybersecurity ❯ Vulnerabilities

Command Injection

CVE-2024-20418 LG Smart TVs CVE-2024-3400 Array AG Series VPN N-able N-Central FortiSIEM SAP S/4HANA CVE-2025-42957 D-Link DCS-2530L and DCS-2670L Trend Micro Apex One Array Networks AG Series CVE-2025-59689 Authentication Bypass TP-Link Omada Fortinet FortiWeb Fortinet

JPCERT Confirms Active Exploitation of Array Networks AG Gateways via DesktopDirect Flaw

A May fix is available, yet the lack of a CVE complicates remediation, prompting urgent mitigations.

CISA Orders 7-Day Fix for New FortiWeb Zero-Day Exploited in the Wild

Fortinet Confirms Second FortiWeb Flaw Under Active Attack as CISA Demands Rapid Fixes

TP-Link Patches Critical Omada Gateway Flaws Enabling Remote Code Execution

Researchers Say GoAnywhere CVSS 10 Flaw Was Exploited as Zero-Day Before Disclosure

Libraesva Rushes Patch for ESG Flaw Exploited by Suspected State Actor

Critical SAP S/4HANA CVE-2025-42957 Now Exploited in the Wild

CISA Lists Two N-able N-central Flaws as Actively Exploited

Fortinet Issues FortiSIEM Patches After Discovery of Stealthy Exploit Code

Trend Micro Releases Mitigation Tool for Critical Apex One Zero-Days

CISA Adds Three D-Link Router Flaws to Known Exploited Vulnerabilities Catalog