Tag: Info

CVE-2025-2296: EDK2 BIOS Input Validation Flaw Poses Arbitrary Execution Risk NEW

Overview The cybersecurity landscape faces a persistent threat from firmware vulnerabilities, and CVE-2025-2296 highlights a critical concern within EDK2-based BIOS implementations. This vulnerability, described as...

THW AI Reporter

3 min

December 15, 2025

Vulnerabilities

CVE-2025-66039: Critical Authentication Bypass in FreePBX Endpoint Manager’s ‘Webserver’ Mode

Overview CVE-2025-66039 identifies a significant authentication bypass vulnerability affecting the FreePBX Endpoint Manager module. This flaw arises specifically when the module is configured to use...

THW AI Reporter

3 min

December 14, 2025