top of page
ALL POSTS
Critical Apache Solr Vulnerability Exposes Clusters to Remote Exploitation
Key Findings Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 contain hardcoded default credentials that allow unauthenticated remote administrative access CVE-2026-44825 affects only installations using the command-line authentication tool, not manually configured systems Industrial IoT converters using USR-W610 devices have a critical CVSS 9.8 vulnerability (CVE-2026-7786) with embedded plaintext credentials USR device manufacturer has not responded to vulnerability coo
Jun 33 min read
CISA Warns: Critical Wyant Enterprise Flaw (CVE-2025-13987, CVSS 10.0) Allows Unauthenticated SYSTEM Takeover of Building Automation Systems
Key Findings A critical security flaw (CVE-2025-13658, CVSS 9.8) has been discovered in the Longwatch video surveillance and monitoring system developed by Industrial Video & Control (IV&C). The vulnerability allows unauthenticated remote code execution with SYSTEM-level privileges, enabling complete takeover of the affected OT surveillance systems. The flaw resides in the way the Longwatch devices handle incoming web traffic, allowing arbitrary code execution through an expo
Dec 3, 20252 min read
bottom of page
