CrushFTP Authentication Bypass Vulnerability Exploited in the Wild (CVE-2025-54309) CrushFTP warned its users about active exploitation of a zero-day vulnerability tracked as CVE-2025-54309. Successful exploitation of this vulnerability may... 22/07/2025 Qualys-Threat-Protect
Microsoft SharePoint Server Zero-day Vulnerability Exploited in the Wild (CVE-2025-53770) Microsoft released patches for an actively exploited vulnerability impacting SharePoint Server. Tracked as CVE-2025-53770, the vulnerability was part of an... 22/07/2025 Qualys-Threat-Protect
Oracle Critical Patch Update, July 2025 Security Update Review Oracle released its second quarterly edition of this year’s Critical Patch Update. The update received patches for 309 security vulnerabilities.... 17/07/2025 Qualys-Threat-Protect
VMware ESXi, Workstation, Fusion, and Tools Multiple Vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, & CVE-2025-41239) Multiple vulnerabilities impact VMware ESXi, Workstation, Fusion, and Tools. Tracked as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, & CVE-2025-41239, successful exploitation of the... 17/07/2025 Qualys-Threat-Protect
Google Addresses Fifth Zero-day Vulnerability impacting Chrome Browser (CVE-2025-6558) Google addressed six vulnerabilities impacting the Chrome browser. One of the vulnerabilities tracked as CVE-2025-6558 is being exploited in the... 17/07/2025 Qualys-Threat-Protect
Fortinet FortiWeb Unauthenticated SQL Injection Vulnerability (CVE-2025-25257) Kentaro Kawane from GMO Cybersecurity discovered a vulnerability of critical severity impacting FortiWeb. Tracked as CVE-2025-25257, the vulnerability has a... 15/07/2025 Qualys-Threat-Protect
Microsoft Patch Tuesday, July 2025 Security Update Review With cybersecurity threats continuing to evolve, Microsoft’s July 2025 Patch Tuesday highlights the need for consistent patching — this month’s... 09/07/2025 Qualys-Threat-Protect
Anthropic Model Context Protocol (MCP) Inspector Remote Code Execution Vulnerability (CVE-2025-49596) A critical remote code execution vulnerability has been discovered in Anthropic’s open‑source tool, MCP Inspector, which is widely used by... 04/07/2025 Qualys-Threat-Protect
Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) are vulnerable to a... 04/07/2025 Qualys-Threat-Protect
WingFTP Critical Remote Code Execution Vulnerability (CVE-2025-47812) Julien Ahrens from RCE Security discovered a critical security vulnerability impacting WingFTP. Tracked as CVE-2025-47812, the vulnerability has a CVSS... 03/07/2025 Qualys-Threat-Protect
