Find notable cyber news and cases, enriched with sources, timelines, and signals.

HPE OneView CVE-2025-37164 patch release

Security Patch Release
First reported
Last updated
Happening score
H score 47
1 unique sources, 1 articles

Summary

Hide ▲

Hewlett Packard Enterprise released version 11.00 to fix CVE-2025-37164, a CVSS 10.0 flaw in HPE OneView Software that could allow remote code execution. HPE also provided hotfixes for versions 5.20 through 10.20, giving administrators a clear remediation path for affected deployments. The vendor said the update covers all versions prior to 11.00, making the release the primary fix for the issue.

Cases

Related Happenings

SimpleHelp security update for CVE-2026-48558

Security Patch Release
H score65 First: 15.06.2026 23:06 Last: 15.06.2026 23:06 Sources 1

About this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...

Veeam security patch release for CVE-2026-44963

Security Patch Release
H score79 First: 09.06.2026 17:27 Last: 09.06.2026 17:27 Sources 1

About this happening: **Veeam** released security updates for **Veeam Backup & Replication** to fix **CVE-2026-44963**, a critical flaw that could enable **remote code execution** on **domain-joined ba...

LiteLLM endpoint-hardening patch release (CVE-2026-42271)

Security Patch Release
H score59 First: 09.06.2026 09:26 Last: 09.06.2026 09:26 Sources 1

About this happening: BerriAI released **LiteLLM 1.83.7**, hardening access to the vulnerable **MCP test endpoints** that accepted full server configurations. The update now requires the **PROXY_ADMIN*...

Redis security patch release for CVE-2026-23479

Security Patch Release
H score24 First: 03.06.2026 16:47 Last: 03.06.2026 16:47 Sources 1

About this happening: **Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...

The vendor security patch release for CVE-2026-8206

Security Patch Release
H score89 First: 03.06.2026 01:12 Last: 03.06.2026 01:12 Sources 1

About this happening: **Kirki - Freeform Page Builder, Website Builder & Customizer** shipped **version 6.0.7** to fix **CVE-2026-8206**, a privilege-escalation flaw that could let attackers take over...

Timeline

  1. 18.12.2025 16:39 2 articles · 6mo ago

    HPE releases OneView 11.00 and hotfixes for CVE-2025-37164

    Mitigation Patch Update

    Hewlett Packard Enterprise resolved CVE-2025-37164 in HPE OneView Software, a maximum-severity flaw with CVSS 10.0 that could allow a remote unauthenticated user to perform remote code execution, and made available a hotfix for OneView versions 5.20 through 10.20 along with separate hotfixes for the OneView virtual appliance and Synergy Composer2.

    Show sources