HPE OneView CVE-2025-37164 patch release
Security Patch Release
Summary
Hide ▲
Show ▼
Hewlett Packard Enterprise released version 11.00 to fix CVE-2025-37164, a CVSS 10.0 flaw in HPE OneView Software that could allow remote code execution. HPE also provided hotfixes for versions 5.20 through 10.20, giving administrators a clear remediation path for affected deployments. The vendor said the update covers all versions prior to 11.00, making the release the primary fix for the issue.
Cases
Related Happenings
SimpleHelp security update for CVE-2026-48558
Security Patch Release
H score65
First: 15.06.2026 23:06
Last: 15.06.2026 23:06
Sources 1
About this happening:
**SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
SimpleHelp security update for CVE-2026-48558
Security Patch ReleaseAbout this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
Veeam security patch release for CVE-2026-44963
Security Patch Release
H score79
First: 09.06.2026 17:27
Last: 09.06.2026 17:27
Sources 1
About this happening:
**Veeam** released security updates for **Veeam Backup & Replication** to fix **CVE-2026-44963**, a critical flaw that could enable **remote code execution** on **domain-joined ba...
Veeam security patch release for CVE-2026-44963
Security Patch ReleaseAbout this happening: **Veeam** released security updates for **Veeam Backup & Replication** to fix **CVE-2026-44963**, a critical flaw that could enable **remote code execution** on **domain-joined ba...
LiteLLM endpoint-hardening patch release (CVE-2026-42271)
Security Patch Release
H score59
First: 09.06.2026 09:26
Last: 09.06.2026 09:26
Sources 1
About this happening:
BerriAI released **LiteLLM 1.83.7**, hardening access to the vulnerable **MCP test endpoints** that accepted full server configurations. The update now requires the **PROXY_ADMIN*...
LiteLLM endpoint-hardening patch release (CVE-2026-42271)
Security Patch ReleaseAbout this happening: BerriAI released **LiteLLM 1.83.7**, hardening access to the vulnerable **MCP test endpoints** that accepted full server configurations. The update now requires the **PROXY_ADMIN*...
Redis security patch release for CVE-2026-23479
Security Patch Release
H score24
First: 03.06.2026 16:47
Last: 03.06.2026 16:47
Sources 1
About this happening:
**Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...
Redis security patch release for CVE-2026-23479
Security Patch ReleaseAbout this happening: **Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...
The vendor security patch release for CVE-2026-8206
Security Patch Release
H score89
First: 03.06.2026 01:12
Last: 03.06.2026 01:12
Sources 1
About this happening:
**Kirki - Freeform Page Builder, Website Builder & Customizer** shipped **version 6.0.7** to fix **CVE-2026-8206**, a privilege-escalation flaw that could let attackers take over...
The vendor security patch release for CVE-2026-8206
Security Patch ReleaseAbout this happening: **Kirki - Freeform Page Builder, Website Builder & Customizer** shipped **version 6.0.7** to fix **CVE-2026-8206**, a privilege-escalation flaw that could let attackers take over...
Timeline
-
18.12.2025 16:39 2 articles · 6mo ago
HPE releases OneView 11.00 and hotfixes for CVE-2025-37164
Mitigation Patch UpdateHewlett Packard Enterprise resolved CVE-2025-37164 in HPE OneView Software, a maximum-severity flaw with CVSS 10.0 that could allow a remote unauthenticated user to perform remote code execution, and made available a hotfix for OneView versions 5.20 through 10.20 along with separate hotfixes for the OneView virtual appliance and Synergy Composer2.
Show sources
- HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution — thehackernews.com — 18.12.2025 16:39
- HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution — thehackernews.com — 18.12.2025 16:39