CISA has added multiple new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Two of these vulnerabilities are for Mitel MiCollab, a popular enterprise collaboration suite. The bugs are both path traversal vulnerabilities that can allow attackers to gain administrative privileges and access non-sensitive information. The third vulnerability is for Oracle WebLogic Server and is classified as “easily exploitable.” It allows an unauthenticated attacker to execute code and compromise a vulnerable Oracle WebLogic Server. 

Read more: https://www.helpnetsecurity.com/2025/01/08/mitel-micollab-oracle-weblogic-server-vulnerabilities-exploited-by-attackers/