VulnCheck’s blog on CVSS severity explores why CVSS scores alone can be misleading when prioritizing vulnerabilities. It emphasizes the importance of considering real-world exploitability and threat intelligence alongside severity ratings to make better risk-based decisions. The post advocates for a more holistic approach to vulnerability management beyond just CVSS numbers.
VulnCheck investigated how React2Shell exploits are spreading through GitHub repositories, uncovering patterns that attackers use to weaponize open-source projects. The research highlights the risks of supply chain compromise and offers recommendations for developers to secure their code and dependencies. This analysis reinforces the need for vigilant monitoring of public code ecosystems.
VulnCheck deployed Canary sensors to track React2Shell exploit attempts in real-world environments, providing early warning of active attacks on the React ecosystem. This intelligence helps security teams prioritize patching and strengthen defenses before widespread exploitation occurs. The research demonstrates the value of proactive monitoring in mitigating emerging web application threats.
VulnCheck analyzed the React2Shell exploit variants targeting the React ecosystem, revealing how attackers adapt techniques to compromise modern web applications. The blog details the evolution of these threats and offers guidance for developers to mitigate risks through secure coding and timely patching. This research emphasizes the importance of monitoring exploit trends to protect application frameworks.
VulnCheck discovered CVE-2025-55182, a critical vulnerability in React Next.js that allows attackers to bypass security controls and execute malicious code under certain conditions. The blog explains how this flaw impacts web applications and provides guidance for developers to patch and mitigate the risk. This research underscores the importance of proactive vulnerability management in modern frameworks.
VulnCheck is helping scale the CVE program by automating vulnerability identification and reporting as an official CVE Numbering Authority (CNA). Their approach streamlines the assignment of CVE IDs and accelerates disclosure, ensuring faster, more accurate vulnerability tracking for vendors and researchers. This initiative strengthens global security by improving transparency and reducing delays in vulnerability management.
VulnCheck Canary Intelligence is a proactive threat detection system that monitors real-world exploitation across thousands of honeypots to identify vulnerabilities before they become widespread. It delivers actionable insights by correlating exploit attempts with vulnerability data, helping security teams prioritize patching and stay ahead of attackers. This approach ensures faster, more accurate threat intelligence than traditional methods.
VulnCheck’s November 2025 research highlights include in-the-wild exploitation of a critical WSUS remote code execution flaw (CVE-2025-59287), along with attacks on systems such as XWiki (CVE-2025-24893) and ICTBroadcast (CVE-2025-2611), all detected via their Canary network. The team added 95 new vulnerabilities to their KEV list, many ahead of CISA, and their CNA assigned 162 new CVEs, including 13 tied to active exploits, driven by audits, community disclosures, and Canary-observed threats.
VulnCheck’s October 2025 research roundup highlights several high-impact zero-day exploits, including Citrix, Cisco ASA/FTD, Fortra GoAnywhere MFT, and Oracle E-Business Suite, with many added to the Known Exploited Vulnerabilities (KEV) list. The team also bolstered initial-access intelligence by tracking post-auth exploits in platforms like N-able N-central, FOG, Cisco ASDM, and more, while their CVE Numbering Authority (CNA) assigned 60 new CVEs and coordinated disclosures from community researchers.
VulnCheck’s inaugural THREATCON1 event in September 2025 drew over 300 cybersecurity professionals, including CISOs, intelligence analysts, and 17 customers, and featured 34 presenters across technical and spotlight tracks addressing emerging cyber threats. Highlights included a thought-provoking keynote moderated by VulnCheck’s CMO with former CISA Director Jen Easterly and ex-CIA cyber intelligence chief Andrew Boyd, plus engaging community activities like a golf tournament and Capture the Flag challenge, all supported by key partners and sponsors.
Last week, Five Eyes agencies issued a Joint Cybersecurity Advisory titled “People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations”. The report was authored across multiple agencies including the FBI, US Cyber Command, NSA, Australian Signals Directorate, ACSC, NCSC of New Zealand, Canada, and NCSC UK.
VulnCheck prioritizes vulnerabilities, improves the visibility of vulnerable products, expands detection capabilities, broadens open-source vulnerability visibility, and identifies potentially vulnerable systems. Discover how VulnCheck can help your organization outpace adversaries with predictive vulnerability intelligence.
Recorded Future was acquired by Mastercard yesterday for $2.65B, which is an encouraging macro indicator for the threat intelligence market and adjacent markets. Mastercard has plucked off acquisition targets in the broader cyber space in a pragmatic way to maintain competitive advantage vs Visa and others.
In this series, we explore vulnerability disclosure and exploitation, drawing insights from VulnCheck’s Exploit and Vulnerability Intelligence services. VulnCheck leverages automated and scalable processes to collect and analyze data from various sources, providing a comprehensive overview of the threat landscape.