Zero-day vulnerability

A software flaw unknown to its vendor or the public.

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

Nov 23, 2025

—

by

Reza Rafati

in Cyber News & Updates

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning regarding a critical, actively exploited zero-day vulnerability in Oracle Identity Manager (CVE-2025-52054). This flaw, with a CVSS score of 9.8, allows remote attackers to bypass authentication and gain unauthorized access, posing a significant risk of complete system compromise to affected versions.
What is a Zero-Day Vulnerability?

Nov 13, 2025

—

by

Peter Chofield

in Cyber & Electronic Warfare

A zero-day vulnerability is a software flaw unknown to its vendor or the public, making it exceptionally dangerous due to immediate exploitation by malicious actors before patches are available. These vulnerabilities are critical in cyber warfare, digital espionage, and sophisticated cybercrime, enabling covert operations and high-impact attacks.