CVE-2025-52465 geoserver arbitrary file write vulnerability
Updated:
Executive Summary
[object Object]
Analysis
Originally published by r/netsec on Jun 25, 2026.
Related Threats
YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th)
YARA-X&#;x26;#;39;s 1.18.0 release brings 3 improvements and 2 bugfixes.
NVD CRITICAL: CVE-2026-58053 — Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow...
Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on a Docker-backed runner can create a job container with
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in Ukraine, Europe, and the U.S. The systematic cyber attacks aimed at stealing sensitive