Vulnerability Summary for the Week of December 15, 2025

High Vulnerabilities

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Bulletins

Primary Vendor — Product	Description	Published	CVSS Score	Source Info	Patch Info
Cisco–Cisco Secure Email	Cisco is aware of a potential vulnerability.  Cisco is currently investigating and will update these details as appropriate as more information becomes available.	2025-12-17	10	CVE-2025-20393	cisco-sa-sma-attack-N9bf4
Hewlett Packard Enterprise (HPE)–HPE OneView	A remote code execution issue exists in HPE OneView.	2025-12-16	10	CVE-2025-37164	https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn4985en_us&docLocale=en_US
smallstep–Step-CA	An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.	2025-12-17	10	CVE-2025-44005	https://talosintelligence.com/vulnerability_reports/TALOS-2025-2242 https://github.com/smallstep/certificates/security/advisories/GHSA-h8cp-697h-8c8p