-
Vulnerabilities in OpenSolution Quick.CMS and Quick.CMS.Ext software
CERT Polska has received a report about 3 vulnerabilities (CVE-2025-54172, CVE-2025-54174 and CVE-2025-54175) found in OpenSolution Quick.CMS and Quick.CMS.Ext software.
Read more -
Vulnerability in Akcess-Net Lepszy BIP software
Cross-site Scripting (XSS) vulnerability (CVE-2025-7761) has been found in Akcess-Net Lepszy BIP software.
Read more -
TCC Bypass vulnerabilities in six applications for MacOS
TCC Bypass vulnerabilities has been found in GIMP (CVE-2025-8672), Mosh-Pro (CVE-2025-53811), Cursor (CVE-2025-9190), MacVim (CVE-2025-8597), Nozbe (CVE-2025-53813) and Invoice Ninja (CVE-2025-8700) applications for MacOS.
Read more -
Vulnerability in Flexibits Fantastical software
Incorrect Authorization vulnerability (CVE-2025-8533) has been found in Flexibits Fantastical software.
Read more -
Vulnerability in TSplus Remote Access software
Insufficiently Protected Credentials vulnerability (CVE-2025-5922) has been found in TSplus Remote Access software.
Read more -
Vulnerability in FARA software
CERT Polska has received a report about Hard-coded Credentials vulnerability (CVE-2025-4049) found in SIGNUM-NET FARA software.
Read more -
Vulnerabilities in applications preloaded on Bluebird smartphones
CERT Polska has received a report about 3 vulnerabilities (from CVE-2025-5344 to CVE-2025-5346) found in applications preloaded on Bluebird smartphones.
Read more -
Vulnerability in SUR-FBD CMMS software
Use of Hard-coded Password vulnerability (CVE-2025-3920) has been found in SUR-FBD CMMS software.
Read more -
TCC Bypass vulnerabilities in two macOS applications
TCC Bypass vulnerability has been found in two macOS applications: Phoneix Code (CVE-2025-5255), Postbox (CVE-2025-5963).
Read more -
UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign
CERT Polska is observing a malicious email campaign conducted by the UNC1151 group against Polish entities, exploiting a vulnerability in the Roundcube software.
Read more