Rewterz


Multiple Apache Kylin Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-61735 CVSS:7.3

A Server-Side Request Forgery (SSRF) vulnerability exists in Apache Kylin. This issue affects Apache Kylin from 4.0.0 through 5.0.2. Deployments are not at risk as long as Kylin's system and project admin access is well protected. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

CVE-2025-61733 CVSS:7.5

An Authentication Bypass Using an Alternate Path or Channel vulnerability exists in Apache Kylin. This issue affects Apache Kylin from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

CVE-2025-61734 CVSS:7.5

A Files or Directories Accessible to External Parties vulnerability exists in Apache Kylin. Deployments are not at risk as long as Kylin's system and project admin access is well protected. This issue affects Apache Kylin from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

Impact

  • Gain Access
  • Security Bypass

Indicators of Compromise

CVE

  • CVE-2025-61735
  • CVE-2025-61733
  • CVE-2025-61734

Affected Vendors

Apache

Affected Products

  • Apache Kylin 4.0.0 - 5.0.2

Remediation

Refer to the Apache Security Advisory for each CVE for patch, upgrade, or suggested workaround information:

  • CVE-2025-61735
  • CVE-2025-61733
  • CVE-2025-61734
