In 2025, many CVEs were exploited, averaging a CVSS severity rating of 8.5, with two hitting the maximum of 10.0, highlighting their critical importance.
Most Exploited Vulnerabilities of 2025:
By infosecbulletin
/ Tuesday , July 14 2026
Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
By infosecbulletin
/ Sunday , July 12 2026
Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
By infosecbulletin
/ Sunday , July 12 2026
Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
By infosecbulletin
/ Sunday , July 12 2026
A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
By infosecbulletin
/ Saturday , July 11 2026
CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
By infosecbulletin
/ Friday , July 10 2026
Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
By infosecbulletin
/ Friday , July 10 2026
A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
By infosecbulletin
/ Thursday , July 9 2026
A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
CVE-2025-55182: React2Shell
CVE-2025-32433: Erlang/OTP SSH Zero-Day Crisis
CVE-2025-59287: Microsoft WSUS Deserialization Vulnerability
CVE-2025-62221: Windows Cloud Files Driver Zero-Day
CVE-2025-62215: Windows Kernel Race Condition Zero-Day
CVE-2025-48572 and CVE-2025-48633: Android Framework Zero-Days
CVE-2025-5777: CitrixBleed 2
CVE-2025-20333 and CVE-2025-20362: Cisco Firewall Exploitation Chain
CVE-2025-9242: WatchGuard Firebox Out-of-Bounds Catastrophe
CVE-2025-6218: WinRAR Path Traversal Exploitation
CVE-2025-48384: Git Arbitrary File Write Vulnerability
CVE-2025-12480: Gladinet Triofox Improper Access Control
CVE-2025-32463: Sudo Privilege Escalation via Chroot
CVE-2025-4664: Chrome Cross-Origin Data Leak
CVE-2025-10585: Chrome V8 Type Confusion Zero-Day
CVE-2025-5086: DELMIA Apriso Deserialization Catastrophe
CVE-2025-41244: VMware Privilege Escalation by State Actors
CVE-2025-53690: Sitecore Deserialization Attacks
# Bangladesh now 3rd largest global source of DDoS attacks in 2025 Q3
MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2025