Remote code execution vulnerability

CVE-2025-6554 is a Type Confusion vulnerability in the Google Chrome V8 JavaScript engine. Type Confusion is a common class of memory corruption vulnerabilities that can lead to unsafe memory operations when a program incorrectly interprets one data type as another, allowing an attacker to execute arbitrary code on the victim's system.

WordPress has released version 6.4.2, which contains a patch for a critical security vulnerability that could be exploited by threat actors to combine it with another vulnerability to execute arbitrary PHP code on vulnerable websites.

Background: GitLab officially released a security advisory to fix a remote code execution vulnerability (CVE-2022-2884) in GitLab Community Edition (CE) and Enterprise Edition (EE). The vulnerability allows authenticated users to access the GitLab Community Edition (CE) and Enterprise Edition (EE) by...

Vulnerability description: WPS office software is an office software suite independently developed by Kingsoft Office Software Co., Ltd. It can realize the most commonly used functions of office software such as text, tables, presentations, etc., covering windows, macos, L...