Security Alerts
The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.
CVE-2025-12357: Critical SLAC Vulnerability Threatens EV Charging Security
A newly discovered vulnerability in the ISO 15118 electric vehicle charging protocol has security researchers and EV manufacturers on high alert. Designated CVE-2025-12357, this critical weakness in...
Hitachi Energy TropOS 4th Gen Vulnerabilities Expose Critical Infrastructure
Hitachi Energy has disclosed three high-severity vulnerabilities in its TropOS 4th Generation industrial wireless routers that could allow authenticated, low-privilege users to gain root access and...
CISA Urges Exchange Hardening and EOL Server Decommission After 365 Migration
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent playbook detailing critical security measures organizations must implement when maintaining on-premises Exchange...
FSL-MC Bus CVE-2025-40029: NXP Systems Gain Crash Protection via Kernel NULL Pointer Fix
The Linux kernel development community has addressed a significant security vulnerability identified as CVE-2025-40029, affecting the Freescale Management Complex (fsl-mc) bus driver. This robustness...
Linux Kernel Fixes Critical ARM SPE Overflow Bug CVE-2025-40081 with Single Cast Change
A critical vulnerability in the Linux kernel's ARM Statistical Profiling Extension (SPE) performance monitoring driver has been addressed with a remarkably simple one-line fix that prevents potential...
Linux Kernel PTP Patch Fixes CVE-2025-40057 Vulnerability
The Linux kernel development team has addressed a significant security vulnerability in the Precision Time Protocol (PTP) subsystem with a targeted patch for CVE-2025-40057. This resource-allocation...
Vhost/vringh Partial Copy Bug Fixed as Kernel Security Error
The Linux kernel development team has implemented a critical correctness fix for the vhost/vringh dataplane subsystem that addresses a subtle but important security vulnerability. This surgical patch...
CVE-2025-40071 Patch Fixes Linux Kernel n_gsm Driver Deadlock in GSM Systems
A critical deadlock vulnerability in the Linux kernel's n_gsm line discipline driver has been addressed with the CVE-2025-40071 security patch, preventing potential system hangs and denial-of-service...
RISC-V BPF Bug CVE-2025-40079 Patched in Linux Kernel for Privilege Escalation Risk
The Linux kernel development team has released a critical upstream fix addressing CVE-2025-40079, a RISC-V specific vulnerability affecting BPF (Berkeley Packet Filter) subsystem behavior. This...
CVE-2025-40051: Linux Kernel vhost vringh Patch Fixes Critical Memory Corruption Vulnerability
The Linux kernel development team has addressed a significant security vulnerability designated CVE-2025-40051, which affects the vhost/vringh subsystem and could lead to memory corruption, privilege...
RISC-V KVM VMID Security Fix: Critical Bare Mode Compliance Patch
A critical security vulnerability in RISC-V KVM virtualization has been patched after researchers discovered a subtle specification mismatch that could potentially expose systems to privilege...
Linux kernel patch CVE-2025-40025 stops F2FS crashes from bad node footers
A critical vulnerability in the Flash-Friendly File System (F2FS) has been addressed with the assignment of CVE-2025-40025, targeting a specific weakness in how the Linux kernel handles malformed...