-
Vulnerability in FARA software
CERT Polska has received a report about Hard-coded Credentials vulnerability (CVE-2025-4049) found in SIGNUM-NET FARA software.
Read more -
Vulnerabilities in applications preloaded on Bluebird smartphones
CERT Polska has received a report about 3 vulnerabilities (from CVE-2025-5344 to CVE-2025-5346) found in applications preloaded on Bluebird smartphones.
Read more -
Vulnerability in SUR-FBD CMMS software
Use of Hard-coded Password vulnerability (CVE-2025-3920) has been found in SUR-FBD CMMS software.
Read more -
TCC Bypass vulnerabilities in two macOS applications
TCC Bypass vulnerability has been found in two macOS applications: Phoneix Code (CVE-2025-5255), Postbox (CVE-2025-5963).
Read more -
UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign
CERT Polska is observing a malicious email campaign conducted by the UNC1151 group against Polish entities, exploiting a vulnerability in the Roundcube software.
Read more -
Vulnerability in 2ClickPortal software
SQL Injection vulnerability (CVE-2025-4568) has been found in 2ClickPortal software.
Read more -
Vulnerabilities in applications preloaded on Ulefone and Krüger&Matz smartphones
CERT Polska has received a report about 3 vulnerabilities (from CVE-2024-13915 to CVE-2024-13917) found in applications preloaded on Ulefone and Krüger&Matz smartphones.
Read more -
TCC Bypass vulnerabilities in three macOS applications
TCC Bypass vulnerability has been found in three macOS applications: Poedit (CVE-2025-4280), Viscosity (CVE-2025-4412), DaVinci Resolve (CVE-2025-4081)
Read more -
Vulnerability in hackney open-source project
Incorrect connection releasing causing pool exhaustion (CVE-2025-3864) has been found in hackney software.
Read more -
Vulnerability in Be-Tech Mifare Classic cards software
Cleartext Storage of Sensitive Information vulnerability (CVE-2025-4053) has been found in Be-Tech Mifare Classic cards software.
Read more