CERT Polska has received a report about 4 vulnerabilities (from CVE-2025-1980 to CVE-2025-1983) found in Symfonia Ready_ software.

CERT Polska has received a report about 11 vulnerabilities found in Internet Starter module of SoftCOM iKSORIS software.

Another year of CERT Polska’s activities is behind us. An absolutely record-breaking year, if we take into account practically all the statistics cited in our previous reports. Behind these numbers is the daily work of experts who care for the safety of Poles online every day. This year’s report is about this work, the key challenges we face and the threats we analyse.

The problem of scammers exploiting social media platforms continues to persist. Meta has yet to fulfill all the recommendations made last year by experts from the CERT Polska team at NASK, which were intended to enhance the safety of Polish social media users.

CERT Polska has received a report about 2 vulnerabilities (CVE-2024-11504 and CVE-2024-7407) found in Streamsoft Prestiż software.

Incorrect Privilege Assignment vulnerability (CVE-2025-2098) has been found in Fast CAD Reader (Beijing Honghu Yuntu Technology) application.

Incorrect Authorization vulnerability (CVE-2025-1542) has been found in Infonet Projekt SA OXARI ServiceDesk software.

CERT Polska has received a report about 2 vulnerabilities (CVE-2024-8773 and CVE-2024-8774) found in SIMPLE.ERP software.

Improper Neutralization of Value Delimiters vulnerability (CVE-2025-1774) has been found in NASK - PIB BotSense software.

Command Injection vulnerability (CVE-2025-1497) has been found in MLJAR PlotAI software.