ZeroPath Blog & Research
Explore our team's latest research and stay up to date with ZeroPath's capabilities.

Windows AFD.sys Zero-Day CVE-2025-32709: Exploiting Use-After-Free for SYSTEM Privileges
An in-depth technical analysis of CVE-2025-32709, a use-after-free vulnerability in Windows Ancillary Function Driver for WinSock, actively exploited to escalate privileges to SYSTEM level.

Excel Under Siege: Dissecting CVE-2025-32704's Buffer Over-Read Vulnerability
An in-depth technical analysis of CVE-2025-32704, a critical buffer over-read vulnerability in Microsoft Excel, detailing exploitation methods, affected versions, and essential patching steps.

Type Confusion Strikes Again: Analyzing CVE-2025-30397 in Microsoft's Scripting Engine
CVE-2025-30397 exposes a critical type confusion flaw in Microsoft's Scripting Engine, enabling remote attackers to execute arbitrary code via Edge's IE Mode. Immediate patching is essential.

Azure Document Intelligence Studio Path Traversal Flaw (CVE-2025-30387): Critical Privilege Escalation Risk
A critical path traversal vulnerability (CVE-2025-30387) in Azure Document Intelligence Studio On-Prem allows attackers to escalate privileges remotely, demanding immediate patching and mitigation.

Silent Threat: CVE-2025-30386 Exploits Microsoft Office Preview Pane for Remote Code Execution
CVE-2025-30386, a critical use-after-free vulnerability in Microsoft Office, allows attackers to execute code silently via the Preview Pane, posing significant risks to enterprise security.

Excel Under Siege: Unpacking CVE-2025-30381's Out-of-Bounds Read Exploit
A critical out-of-bounds read vulnerability in Microsoft Excel (CVE-2025-30381) exposes users to potential local code execution. Discover the technical details, mitigation strategies, and patch information to safeguard your systems.

Silent Threat: CVE-2025-30377 Exploits Microsoft Office Preview Pane for Remote Code Execution
CVE-2025-30377, a critical use-after-free vulnerability in Microsoft Office, enables attackers to execute arbitrary code via Outlook's Preview Pane without user interaction.

Critical Heap Overflow in Microsoft RD Gateway (CVE-2025-29967): Remote Code Execution Risk
A detailed technical analysis of CVE-2025-29967, a critical heap-based buffer overflow in Microsoft's Remote Desktop Gateway Service, enabling remote code execution without authentication.

Windows Remote Desktop Under Siege: Analyzing CVE-2025-29966 Heap Overflow
A critical heap-based buffer overflow in Windows Remote Desktop Client (CVE-2025-29966) allows remote attackers to execute arbitrary code without user interaction. We dissect the vulnerability, exploitation methods, and essential mitigation strategies.


CVE-2025-26677: Remote Desktop Gateway Resource Exhaustion Threatens Enterprise Availability
A high-severity uncontrolled resource consumption vulnerability in Windows Remote Desktop Gateway (RD Gateway) service (CVE-2025-26677) enables attackers to trigger denial-of-service conditions, disrupting critical remote access operations.


Ivanti Neurons for ITSM Hit by Critical Auth Bypass (CVE-2025-22462): Immediate Action Required
A critical authentication bypass vulnerability (CVE-2025-22462) in Ivanti Neurons for ITSM allows unauthenticated attackers administrative access, demanding immediate patching and mitigation.

Growatt Cloud Applications at Risk: Unpacking CVE-2025-24297 Stored XSS Vulnerability
A critical stored XSS vulnerability (CVE-2025-24297) in Growatt Cloud Applications allows attackers to inject malicious JavaScript, posing severe risks to user privacy and system integrity.

Oracle Database Java VM Vulnerability CVE-2025-30736: Remote Exploitation Risks and Mitigation
CVE-2025-30736 exposes Oracle Database Java VM to remote unauthenticated attacks, risking critical data integrity and confidentiality. Immediate patching and mitigation strategies are essential.


Oracle E-Business Suite Under Siege: Critical RCE in iSurvey Module (CVE-2025-30727)
A critical remote code execution vulnerability (CVE-2025-30727) has been identified in Oracle E-Business Suite's iSurvey Module, allowing unauthenticated attackers to fully compromise affected systems.

Oracle E-Business Suite Exposed: CVE-2025-30716 Enables Unauthenticated Data Access
A critical vulnerability in Oracle E-Business Suite's CRM User Management Framework (CVE-2025-30716) allows unauthenticated attackers to access sensitive data remotely. Immediate patching is essential.

Critical RCE in BentoML Runner Server: Deep Dive into CVE-2025-32375
An in-depth technical analysis of CVE-2025-32375, a critical remote code execution vulnerability in BentoML's runner server, including exploitation methods, detection techniques, and patching guidance.

React Router Under Siege: Analyzing CVE-2025-31137 URL Spoofing Vulnerability
Dive deep into CVE-2025-31137, a high-severity URL spoofing vulnerability affecting React Router and Remix applications using Express adapters. Learn how attackers exploit HTTP headers and how to protect your applications.

Exploiting Trust: Inside CVE-2025-23120 Veeam Backup & Replication RCE Vulnerability
An in-depth technical breakdown of CVE-2025-23120, a critical remote code execution vulnerability affecting Veeam Backup & Replication, including exploitation methods, detection strategies, and immediate patching guidance.