Vulnerability intelligence

CVE-2025-43520 is identified as a memory corruption issue, specifically a classic buffer overflow vulnerability, affecting multiple Apple operating systems. These include watchOS, iOS, iPadOS, macOS, visionOS, and tvOS. The vulnerability could potentially allow a malicious application to cause unexpected system termination or write to kernel memory. Apple has addressed this issue with improved memory handling, and fixes have been implemented in various updated versions of its operating systems, such as watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, and tvOS 26.1. This vulnerability has also been noted as part of the "DarkSword" exploit chain, which has been utilized by state-sponsored actors and spyware vendors.

CVE-2025-6218 is a directory traversal remote code execution vulnerability that affects RARLAB WinRAR. It allows remote attackers to execute arbitrary code on affected installations. Exploitation of this vulnerability requires user interaction, as the target must visit a malicious page or open a malicious file. The vulnerability lies in how WinRAR handles file paths within archive files, where a specially crafted file path can cause the process to traverse to unintended directories. By leveraging this vulnerability, an attacker can execute code within the security context of the current user.

CVE-2025-55184 is a denial-of-service vulnerability affecting React Server Components (RSC) in versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1. It exists because the affected code unsafely deserializes payloads from HTTP requests to Server Function endpoints. This can lead to an infinite loop that hangs the server process, preventing it from serving future HTTP requests. The vulnerability can be triggered by sending a specially crafted HTTP request to any App Router endpoint. Exploitation does not require authentication and can be achieved with basic HTTP request crafting skills. An initial fix for this vulnerability was incomplete, and a complete fix has been issued under CVE-2025-67779.

CVE-2025-54068 is a remote command execution (RCE) vulnerability found in Livewire, a full-stack framework for Laravel. Specifically, it affects Livewire v3 versions up to and including v3.6.3. The vulnerability stems from how certain component property updates are handled during hydration, which could allow unauthenticated attackers to execute arbitrary code. Exploitation requires a component to be mounted and configured in a particular way but does not require authentication or user interaction. The vulnerability lies in the `hydrateForUpdate` method within the `Livewire\Mechanisms\HandleComponents\HandleComponents` class. A specially crafted update payload can bypass validation and sanitization during the hydration process, causing the framework to interpret untrusted input as executable code. This issue has been patched in Livewire v3.6.4, and users are strongly encouraged to upgrade to this version or later as soon as possible. There are no known workarounds.

CVE-2025-43520 is identified as a memory corruption issue, specifically a classic buffer overflow vulnerability, affecting multiple Apple operating systems. These include watchOS, iOS, iPadOS, macOS, visionOS, and tvOS. The vulnerability could potentially allow a malicious application to cause unexpected system termination or write to kernel memory. Apple has addressed this issue with improved memory handling, and fixes have been implemented in various updated versions of its operating systems, such as watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, and tvOS 26.1. This vulnerability has also been noted as part of the "DarkSword" exploit chain, which has been utilized by state-sponsored actors and spyware vendors.

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may cause unexpected changes in memory shared between processes.