Critical Vulnerabilities and Innovations in Cybersecurity

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543
Citrix patched a memory overflow vulnerability leading to unintended control flow and denial of service.
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
Remote code execution in CentOS Web Panel - CVE-2025-48703
An arbitrary file upload vulnerability in the user (not admin) part of Web Panel can be used to execute arbitrary code
https://fenrisk.com/rce-centos-webpanel
Gogs Arbitrary File Deletion Vulnerability
Due to the insufficient patch for the CVE-2024-39931, it's still possible to delete files under the .git directory and achieve remote command execution.
https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7
Let s Encrypt Will Soon Issue IP Address-Based Certs
Let s Encrypt is almost ready to issue certificates for IP address SANs from Let's Encrypt's production environment. They'll only be available under the short-lived profile (which has a 6-day validity period), and that profile will remain allowlist-only for a while.
https://community.letsencrypt.org/t/getting-ready-to-issue-ip-address-certificates/238777