tonyharris.io

PoC Year: 2025

Posted on Dec 31, 2025

The most featured CVEs in this year’s security newsletters, with public Proof-of-Concepts, ordered by mention count.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them. Follow links with caution.

CVE-2025-53770

CVE-2025-31324

CVE-2025-59287

CVE-2025-29824

CVE-2025-53771

CVE-2025-32433

CVE-2025-42999

CVE-2024-55591

CVE-2025-55182

CVE-2025-43300

CVE-2025-5777

CVE-2021-20016

CVE-2025-21298

CVE-2025-0282

CVE-2025-53766

CVE-2025-50165

CVE-2025-26633

CVE-2025-22457

CVE-2025-21333

CVE-2025-61884

CVE-2025-59718

  • Severity: 9.8 CRITICAL
  • Impacted Products: Fortinet FortiOS, Fortinet FortiProxy, Fortinet FortiSwitchManager
  • Description: Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an improper verification of cryptographic signature vulnerability that allows an unauthenticated attacker to bypass FortiCloud SSO login authentication. This flaw can be exploited by sending a specially crafted SAML response message.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59718
  • PoC:

CVE-2025-49704

CVE-2025-62215

CVE-2025-57819

CVE-2025-48828

CVE-2025-48827

CVE-2025-48384

CVE-2025-33073

CVE-2025-33053

CVE-2025-30397

CVE-2025-29927

CVE-2025-2783

CVE-2025-27363

CVE-2018-0171

CVE-2025-7775

CVE-2025-64446

CVE-2025-61757

CVE-2025-25257

  • Severity: 9.8 CRITICAL
  • Impacted Products: Fortinet FortiWeb 7.6.0 through 7.6.3, Fortinet FortiWeb 7.4.0 through 7.4.7, Fortinet FortiWeb 7.2.0 through 7.2.10, Fortinet FortiWeb below 7.0.10
  • Description: Fortinet FortiWeb is affected by an SQL Injection vulnerability that allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPS requests, which can be escalated to remote code execution. This flaw exists due to improper neutralization of special elements in SQL commands.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-25257
  • PoC:

CVE-2025-24990

CVE-2025-20352

CVE-2025-1974

CVE-2024-50603

CVE-2024-3721

CVE-2025-6558

CVE-2025-61882

CVE-2025-54236

CVE-2025-32756

CVE-2025-31200

CVE-2025-20337

CVE-2025-10035

CVE-2024-7399

CVE-2024-12847

CVE-2025-59489

CVE-2025-55315

CVE-2025-5086

  • Severity: 9.0 CRITICAL
  • Impacted Products: DELMIA Apriso Release 2020, DELMIA Apriso Release 2021, DELMIA Apriso Release 2022, DELMIA Apriso Release 2023, DELMIA Apriso Release 2024
  • Description: A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5086
  • PoC:

CVE-2025-50154

CVE-2025-4428

CVE-2025-4427

CVE-2025-34028

CVE-2025-3248

CVE-2025-30400

CVE-2025-26399

CVE-2025-25256

  • Severity: 9.8 CRITICAL
  • Impacted Products: Fortinet FortiSIEM 7.3.0 through 7.3.1, Fortinet FortiSIEM 7.2.0 through 7.2.5, Fortinet FortiSIEM 7.1.0 through 7.1.7, Fortinet FortiSIEM 7.0.0 through 7.0.3, Fortinet FortiSIEM before 6.7.9
  • Description: An improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-25256
  • PoC:

CVE-2025-24893

CVE-2025-24252

CVE-2025-24201

CVE-2025-24016

CVE-2025-20281

CVE-2024-54794

CVE-2024-48887

CVE-2024-3400

CVE-2017-11882

CVE-2025-54336

  • Severity: 9.8 CRITICAL
  • Impacted Products: Plesk Obsidian 18.0.70
  • Description: In Plesk Obsidian 18.0.70, _isAdminPasswordValid uses an == comparison. Thus, if the correct password is “0e” followed by any digit string, then an attacker can login with any other string that evaluates to 0.0 (such as the 0e0 string). This occurs in admin/plib/LoginManager.php.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-54336
  • PoC:

CVE-2025-54100

CVE-2025-53690

CVE-2025-52376

  • Severity: 9.8 CRITICAL
  • Impacted Products: Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below
  • Description: An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, allowing an attacker to remotely enable the Telnet service without authentication, bypassing security controls. The Telnet server is then accessible with hard-coded credentials, allowing attackers to gain administrative shell access and execute arbitrary commands on the device.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-52376
  • PoC:

CVE-2025-49844

CVE-2025-49706

CVE-2025-44148

  • Severity: 9.8 CRITICAL
  • Impacted Products: MailEnable 10
  • Description: MailEnable versions prior to 10 contain a Cross-Site Scripting (XSS) vulnerability in the failure.aspx component. This flaw allows a remote attacker to execute arbitrary code in the context of a victim’s browser session.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44148
  • PoC:

CVE-2025-4404

CVE-2025-32711

  • Severity: 9.3 CRITICAL
  • Impacted Products: M365 Copilot
  • Description: Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32711
  • PoC:

CVE-2025-32710

CVE-2025-31161

CVE-2025-27480

CVE-2025-27218

CVE-2024-53704

CVE-2024-40891

  • Severity: 9.8 CRITICAL
  • Impacted Products: Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615
  • Description: **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-40891
  • PoC:

CVE-2017-17761

CVE-2025-8723

  • Severity: 9.8 CRITICAL
  • Impacted Products: Cloudflare Image Resizing plugin for WordPress, 1.5.6
  • Description: The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8723
  • PoC:

CVE-2025-8356

  • Severity: 9.8 CRITICAL
  • Impacted Products: Xerox FreeFlow Core 8.0.4
  • Description: In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remote Code Execution (RCE), allowing the attacker to run arbitrary commands on the system.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8356
  • PoC:

CVE-2025-7340

CVE-2025-6758

  • Severity: 9.8 CRITICAL
  • Impacted Products: Real Spaces - WordPress Properties Directory Theme, 3.6
  • Description: The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the ‘imic_agent_register’ function in all versions up to, and including, 3.6. This is due to a lack of restriction in the registration role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during user registration.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6758
  • PoC:

CVE-2025-67506

  • Severity: 9.8 CRITICAL
  • Impacted Products: PipesHub 0.1.0-beta
  • Description: PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose POST /api/v1/record/buffer/convert through missing authentication. The endpoint accepts a file upload and converts it to PDF via LibreOffice by uploading payload to os.path.join(tmpdir, file.filename) without normalizing the filename.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-67506
  • PoC:

CVE-2025-67494

CVE-2025-67489

  • Severity: 9.8 CRITICAL
  • Impacted Products: @vitejs/plugin-rs 0.5.5 and below
  • Description: @vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Versions 0.5.5 and below are vulnerable to arbitrary remote code execution on the development server through unsafe dynamic imports in server function APIs (loadServerAction, decodeReply, decodeAction) when integrated into RSC applications that expose server function endpoints. Attackers with network access to the development server can read/modify files, exfiltrate sensitive data etc.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-67489
  • PoC:

CVE-2025-64095

CVE-2025-62481

CVE-2025-59528

CVE-2025-59434

  • Severity: 9.6 CRITICAL
  • Impacted Products: Cloud-Hosted Flowise, August 2025
  • Description: Flowise is a drag & drop user interface to build a customized large language model flow. Prior to August 2025 Cloud-Hosted Flowise, an authenticated vulnerability in Flowise Cloud allows any user on the free tier to access sensitive environment variables from other tenants via the Custom JavaScript Function node. This includes secrets such as OpenAI API keys, AWS credentials, Supabase tokens, and Google Cloud secrets — resulting in a full cross-tenant data exposure.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59434
  • PoC:

CVE-2025-59046

  • Severity: 9.8 CRITICAL
  • Impacted Products: interactive-git-checkout 1.1.4
  • Description: The npm package interactive-git-checkout is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via npm install -g interactive-git-checkout. Versions up to and including 1.1.4 of the interactive-git-checkout tool are vulnerable to a command injection vulnerability.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59046
  • PoC:

CVE-2025-58768

  • Severity: 9.6 CRITICAL
  • Impacted Products: DeepChat 0.3.5
  • Description: DeepChat is a smart assistant uses artificial intelligence. Prior to version 0.3.5, in the Mermaid chart rendering component, there is a risky operation of directly using innerHTML to set user content. Therefore, any malicious content rendered via Mermaid will directly trigger the exploit chain, leading to command execution. This vulnerability is primarily caused by a failure to fully address the existing XSS issue in the project, leading to another exploit chain.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-58768
  • PoC:

CVE-2025-58762

CVE-2025-58034

CVE-2025-57441

  • Severity: 9.8 CRITICAL
  • Impacted Products: Blackmagic ATEM Mini Pro 2.7
  • Description: The Blackmagic ATEM Mini Pro 2.7 exposes sensitive device and stream configuration information via an unauthenticated Telnet service on port 9990. Upon connection, the attacker can access a protocol preamble that leaks the video mode, routing configuration, input/output labels, device model, and even internal identifiers such as the unique ID. This can be used for reconnaissance and planning further attacks.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57441
  • PoC:

CVE-2025-57437

  • Severity: 9.8 CRITICAL
  • Impacted Products: Blackmagic Web Presenter HD firmware version 3.3
  • Description: The Blackmagic Web Presenter HD firmware version 3.3 exposes sensitive information via an unauthenticated Telnet service on port 9977. When connected, the service reveals extensive device configuration data including: - Model, version, and unique identifiers - Network settings including IP, MAC, DNS - Current stream platform, stream key, and streaming URL - Audio/video configuration This data can be used to hijack live streams or perform network reconnaissance.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57437
  • PoC:

CVE-2025-57432

  • Severity: 7.3 HIGH
  • Impacted Products: Blackmagic Web Presenter version 3.3
  • Description: Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts unauthenticated commands. This service allows remote attackers to manipulate stream settings, including changing video modes and possibly altering device functionality. No credentials or authentication mechanisms are required to interact with the Telnet interface.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57432
  • PoC:

CVE-2025-56074

  • Severity: 9.8 CRITICAL
  • Impacted Products: PHPGurukul Park Ticketing Management System v2.0
  • Description: A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-56074
  • PoC:

CVE-2025-55730

  • Severity: 10.0 CRITICAL
  • Impacted Products: XWiki Remote Macros 1.0, XWiki Remote Macros 1.26.5
  • Description: XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the title in the confluence paste code macro allows remote code execution for any user who can edit any page. The classes parameter is used without escaping in XWiki syntax, thus allowing XWiki syntax injection which enables remote code execution. Version 1.26.5 has a fix for the issue.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-55730
  • PoC:

CVE-2025-55727

CVE-2025-54802

CVE-2025-54381

CVE-2025-54253

CVE-2025-5394

  • Severity: 9.8 CRITICAL
  • Impacted Products: Alone – Charity Multipurpose Non-profit WordPress Theme, 7.8.3
  • Description: The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the alone_import_pack_install_plugin() function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers to upload zip files containing webshells disguised as plugins from remote locations to achieve remote code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5394
  • PoC:

CVE-2025-53890

  • Severity: 5.4 MEDIUM
  • Impacted Products: pyload 0.5.0b3.dev89
  • Description: pyload is an open-source Download Manager written in pure Python. An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows unauthenticated remote attackers to execute arbitrary code in the client browser and potentially the backend server. Exploitation requires no user interaction or authentication and can result in session hijacking, credential theft, and full system remote code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-53890
  • PoC:

CVE-2025-53072

CVE-2025-50567

  • Severity: 10.0 CRITICAL
  • Impacted Products: Saurus CMS Community Edition 4.7.1
  • Description: Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50567
  • PoC:

CVE-2025-4978

  • Severity: 9.8 CRITICAL
  • Impacted Products: Netgear DGND3700 1.1.00.15_1.00.15NA
  • Description: A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1.00.15NA. This affects an unknown part of the file /BRS_top.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4978
  • PoC:

CVE-2025-49533

CVE-2025-48703

CVE-2025-46724

CVE-2025-4632

CVE-2025-46059

  • Severity: 8.2 HIGH
  • Impacted Products: langchain-ai v0.3.51
  • Description: langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message. NOTE: this is disputed by the Supplier because the code-execution issue was introduced by user-written code that does not adhere to the LangChain security practices.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-46059
  • PoC:

CVE-2025-45854

CVE-2025-44823

CVE-2025-44136

  • Severity: 9.8 CRITICAL
  • Impacted Products: MapTiler Tileserver-php v2.0
  • Description: MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter “layer” is reflected in an error message without html encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victim’s browser.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44136
  • PoC:

CVE-2025-4322

  • Severity: 9.8 CRITICAL
  • Impacted Products: Motors theme for WordPress, 5.6.67
  • Description: The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user’s identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user passwords, including those of administrators, and leverage that to gain access to their account.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4322
  • PoC:

CVE-2025-42957

  • Severity: 9.9 CRITICAL
  • Impacted Products: SAP S/4HANA
  • Description: SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-42957
  • PoC:

CVE-2025-42944

CVE-2025-41744

CVE-2025-30406

CVE-2025-30216

CVE-2025-28915

CVE-2025-27364

  • Severity: 10.0 CRITICAL
  • Impacted Products: MITRE Caldera 4.2.0, MITRE Caldera 5.0.0
  • Description: In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web request to the Caldera server API used for compiling and downloading of Caldera’s Sandcat or Manx agent (implants). This web request can use the gcc -extldflags linker flag with sub-commands.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-27364
  • PoC:

CVE-2025-26410

CVE-2025-25014

CVE-2025-24797

  • Severity: 9.4 CRITICAL
  • Impacted Products: Meshtastic 2.6.2
  • Description: Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel. This vulnerability fixed in 2.6.2.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-24797
  • PoC:

CVE-2025-24118

CVE-2025-23211

CVE-2025-23061

CVE-2025-1932

CVE-2025-1307

CVE-2025-12539

  • Severity: 10.0 CRITICAL
  • Impacted Products: TNC Toolbox: Web Performance plugin for WordPress, 1.4.2
  • Description: The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials (hostname, username, and API key) in files within the web-accessible wp-content directory without adequate protection in the “Tnc_Wp_Toolbox_Settings::save_settings” function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-12539
  • PoC:

CVE-2025-11423

  • Severity: 9.8 CRITICAL
  • Impacted Products: Tenda CH22 1.0.0.1
  • Description: A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. Performing manipulation of the argument page results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11423
  • PoC:

CVE-2025-11418

  • Severity: 9.8 CRITICAL
  • Impacted Products: Tenda CH22 up to 1.0.0.1
  • Description: A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1. This issue affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP Request Handler. The manipulation of the argument mit_ssid_index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11418
  • PoC:

CVE-2025-11170

  • Severity: 9.8 CRITICAL
  • Impacted Products: WP移行専用プラグイン for CPI, 1.0.2
  • Description: The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the Cpiwm_Import_Controller::import function in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11170
  • PoC:

CVE-2025-1094

CVE-2025-10916

  • Severity: 9.1 CRITICAL
  • Impacted Products: FormGent WordPress plugin before 1.0.4
  • Description: The FormGent WordPress plugin before 1.0.4 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-10916
  • PoC:

CVE-2025-10183

  • Severity: 9.1 CRITICAL
  • Impacted Products: TecCom TecConnect 4.1, TecCom Connect 5
  • Description: A blind XML External Entity (XXE) injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCom Connect 5.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-10183
  • PoC:

CVE-2024-57595

  • Severity: 7.2 HIGH
  • Impacted Products: DLINK DIR-825 REVB 2.03
  • Description: DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGl interface apc_client_pin.cgi, which allows remote attackers to execute arbitrary commands via the parameter “wps_pin” passed to the apc_client_pin.cgi binary through a POST request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57595
  • PoC:

CVE-2024-53944

  • Severity: 9.8 CRITICAL
  • Impacted Products: Tuoshi/Dionlink LT15D 4G Wi-Fi M7628NNxlSPv2xUI_v1.0.1802.10.08_P4, LT21B M7628xUSAxUIv2_v1.0.1481.15.02_P0
  • Description: An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0.1802.10.08_P4 and LT21B devices through M7628xUSAxUIv2_v1.0.1481.15.02_P0. A unauthenticated remote attacker with network access can exploit a command injection vulnerability. The /goform/formJsonAjaxReq endpoint fails to sanitize shell metacharacters sent via JSON parameters, thus allowing attackers to execute arbitrary OS commands with root privileges.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-53944
  • PoC:

CVE-2024-51978

CVE-2024-48841

CVE-2024-46506

CVE-2024-21413

CVE-2024-13161

CVE-2024-13160

CVE-2024-13159

CVE-2024-10811

CVE-2022-3365

  • Severity: 9.8 CRITICAL
  • Impacted Products: Remote Mouse Server 4.110
  • Description: Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS commands over theproduct’s custom control protocol. A Metasploit module was written and tested against version 4.110, the current version when this CVE was reserved.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2022-3365
  • PoC:

CVE-2019-0211

CVE-2015-10137

  • Severity: 9.8 CRITICAL
  • Impacted Products: Website Contact Form With File Upload plugin for WordPress 1.3.4
  • Description: The Website Contact Form With File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ‘upload_file()’ function in versions up to, and including, 1.3.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2015-10137
  • PoC:

CVE-2013-3893

CVE-2025-9242

CVE-2025-8943

CVE-2025-8088

CVE-2025-6543

CVE-2025-64459

CVE-2025-55346

CVE-2025-49113

CVE-2025-47812

  • Severity: 10.0 CRITICAL
  • Impacted Products: Wing FTP Server before 7.4.4
  • Description: In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle ‘\0’ bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-47812
  • PoC:

CVE-2025-4123

CVE-2025-34033

  • Severity: 8.8 HIGH
  • Impacted Products: Blue Angel Software Suite
  • Description: An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the ping_addr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can inject arbitrary commands by appending shell metacharacters to the ping_addr parameter in a crafted GET request to /cgi-bin/webctrl.cgi?action=pingtest_update.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-34033
  • PoC:

CVE-2025-2776

  • Severity: 9.3 CRITICAL
  • Impacted Products: SysAid On-Prem <= 23.3.40
  • Description: SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-2776
  • PoC:

CVE-2025-26319

CVE-2025-24085

CVE-2025-23266

CVE-2025-13486

CVE-2024-8963

CVE-2024-54820

  • Severity: 9.8 CRITICAL
  • Impacted Products: XOne Web Monitor v02.10.2024.530, framework 1.0.4.9
  • Description: XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-54820
  • PoC:

CVE-2023-20198

CVE-2025-6554

CVE-2025-63666

  • Severity: 9.8 CRITICAL
  • Impacted Products: Tenda AC15 v15.03.05.18_multi
  • Description: Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to access protected resources.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63666
  • PoC:

CVE-2025-61303

  • Severity: 5.3 MEDIUM
  • Impacted Products: Hatching Triage Sandbox Windows 10 build 2004 (2025-08-14), Hatching Triage Sandbox Windows 10 LTSC 2021 (2025-08-14)
  • Description: Hatching Triage Sandbox Windows 10 build 2004 (2025-08-14) and Windows 10 LTSC 2021(2025-08-14) contains a vulnerability in its Windows behavioral analysis engine that allows a submitted malware sample to evade detection and cause denial-of-analysis. The vulnerability is triggered when a sample recursively spawns a large number of child processes, generating high log volume and exhausting system resources.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-61303
  • PoC:

CVE-2025-60736

  • Severity: 9.8 CRITICAL
  • Impacted Products: code-projects Online Medicine Guide 1.0
  • Description: code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-60736
  • PoC:

CVE-2025-55729

  • Severity: 10.0 CRITICAL
  • Impacted Products: XWiki Remote Macros 1.0, XWiki Remote Macros 1.26.5
  • Description: XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the ac:type in the ConfluenceLayoutSection macro allows remote code execution for any user who can edit any page The classes parameter is used without escaping in XWiki syntax, thus allowing XWiki syntax injection which enables remote code execution. Version 1.26.5 has a fix for the issue.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-55729
  • PoC:

CVE-2025-55728

CVE-2025-54914

CVE-2025-45746

  • Severity: 6.5 MEDIUM
  • Impacted Products: ZKT ZKBio CVSecurity 6.4.1_R
  • Description: In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the hardcoded secret to authenticate to the service console. NOTE: the Supplier disputes the significance of this report because the service console is typically only accessible from a local area network, and because access to the service console does not result in login access or data access in the context of the application software platform.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45746
  • PoC:

CVE-2025-40547

  • Severity: 9.1 CRITICAL
  • Impacted Products: Serv-U
  • Description: A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-40547
  • PoC:

CVE-2025-29891

CVE-2025-28242

CVE-2025-28238

  • Severity: 9.8 CRITICAL
  • Impacted Products: Elber REBLE310 Firmware v5.5.1.R
  • Description: Improper session management in Elber REBLE310 Firmware v5.5.1.R , Equipment Model: REBLE310/RX10/4ASI allows attackers to execute a session hijacking attack.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-28238
  • PoC:

CVE-2025-28236

  • Severity: 9.8 CRITICAL
  • Impacted Products: Nautel VX Series transmitters VX SW v6.4.0 and below
  • Description: Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the firmware update process. This vulnerability allows attackers to execute arbitrary code via supplying a crafted update package to the /#/software/upgrades endpoint.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-28236
  • PoC:

CVE-2025-28233

  • Severity: 9.1 CRITICAL
  • Impacted Products: BW Broadcast TX600 (14980), BW Broadcast TX300 (32990) (31448), BW Broadcast TX150, BW Broadcast TX1000, BW Broadcast TX30
  • Description: Incorrect access control in BW Broadcast TX600 (14980), TX300 (32990) (31448), TX150, TX1000, TX30, and TX50 Hardware Version: 2, Software Version: 1.6.0, Control Version: 1.0, AIO Firmware Version: 1.7 allows attackers to access log files and extract session identifiers to execute a session hijacking attack.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-28233
  • PoC:

CVE-2025-28232

CVE-2025-28231

  • Severity: 9.1 CRITICAL
  • Impacted Products: Itel Electronics IP Stream v1.7.0.6
  • Description: Incorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to execute arbitrary commands with Administrator privileges.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-28231
  • PoC:

CVE-2025-28230

CVE-2025-28229

  • Severity: 9.8 CRITICAL
  • Impacted Products: Orban OPTIMOD 5950 Firmware v1.0.0.2, Orban OPTIMOD System v2.2.15
  • Description: Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows attackers to bypass authentication and gain Administrator privileges.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-28229
  • PoC:

CVE-2025-28009

  • Severity: 9.8 CRITICAL
  • Impacted Products: Dietiqa App v1.0.20
  • Description: A SQL Injection vulnerability exists in the u parameter of the progress-body-weight.php endpoint of Dietiqa App v1.0.20.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-28009
  • PoC:

CVE-2025-27636

CVE-2025-26794

CVE-2025-24132

  • Severity: 6.5 MEDIUM
  • Impacted Products: AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1
  • Description: The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-24132
  • PoC:

CVE-2025-24076

CVE-2025-24071

CVE-2025-21420

CVE-2025-20682

CVE-2025-14611

  • Severity: 10.0 CRITICAL
  • Impacted Products: Gladinet CentreStack prior to version 16.12.10420.56791, Triofox prior to version 16.12.10420.56791
  • Description: Gladinet CentreStack and Triofox products contain a hardcoded cryptographic key vulnerability in their AES implementation, which can lead to information disclosure and potentially arbitrary local file inclusion or remote code execution. This flaw stems from the use of static, predictable keys for cryptographic operations.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-14611
  • PoC:

CVE-2024-57430

  • Severity: 9.8 CRITICAL
  • Impacted Products: PHPJabbers Cinema Booking System v2.0
  • Description: An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database manipulation.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57430
  • PoC:

CVE-2024-57428

  • Severity: 9.3 CRITICAL
  • Impacted Products: PHPJabbers Cinema Booking System v2.0
  • Description: A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields (event_img, seat_maps) and seat number configurations (number[new_X] in pjActionCreate). Attackers can inject persistent JavaScript, leading to phishing, malware injection, and session hijacking.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57428
  • PoC:

CVE-2024-57401

  • Severity: 9.8 CRITICAL
  • Impacted Products: Uniclare Student portal v.2 and before
  • Description: SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to execute arbitrary code via the Forgot Password function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57401
  • PoC:

CVE-2024-57032

  • Severity: 9.8 CRITICAL
  • Impacted Products: WeGIA < 3.2.0
  • Description: WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing any value in the senha_antiga field.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57032
  • PoC:

CVE-2024-55460

  • Severity: 9.8 CRITICAL
  • Impacted Products: BoardRoom Limited Dividend Distribution Tax Election System v2.0
  • Description: A time-based SQL injection vulnerability in the login page of BoardRoom Limited Dividend Distribution Tax Election System Version v2.0 allows attackers to execute arbitrary code via a crafted input.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-55460
  • PoC:

CVE-2024-4577

CVE-2024-38193

CVE-2024-12084

CVE-2022-40684

CVE-2018-4063

CVE-2025-9697

  • Severity: 9.8 CRITICAL
  • Impacted Products: Ajax WooSearch WordPress plugin through 1.0.0
  • Description: The Ajax WooSearch WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-9697
  • PoC:

CVE-2025-9286

  • Severity: 9.8 CRITICAL
  • Impacted Products: Appy Pie Connect for WooCommerce 1.1.2
  • Description: The Appy Pie Connect for WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the reset_user_password() REST handler in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to to reset the password of arbitrary users, including administrators, thereby gaining administrative access.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-9286
  • PoC:

CVE-2025-9209

  • Severity: 9.8 CRITICAL
  • Impacted Products: RestroPress – Online Food Ordering System plugin for WordPress 3.0.0 to 3.1.9.2
  • Description: The RestroPress – Online Food Ordering System plugin for WordPress is vulnerable to Authentication Bypass in versions 3.0.0 to 3.1.9.2. This is due to the plugin exposing user private tokens and API data via the /wp-json/wp/v2/users REST API endpoint. This makes it possible for unauthenticated attackers to forge JWT tokens for other users, including administrators, and authenticate as them.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-9209
  • PoC:

CVE-2025-9083

  • Severity: 9.8 CRITICAL
  • Impacted Products: Ninja Forms WordPress plugin before 3.11.1
  • Description: The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-9083
  • PoC:

CVE-2025-9074

CVE-2025-8942

  • Severity: 9.1 CRITICAL
  • Impacted Products: WP Hotel Booking WordPress plugin before 2.2.3
  • Description: The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value (e.g., sending negative or out-of-range values) by intercepting and modifying requests.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8942
  • PoC:

CVE-2025-8876

  • Severity: 9.9 CRITICAL
  • Impacted Products: N-able N-central: before 2025.3.1
  • Description: Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8876
  • PoC:

CVE-2025-8875

  • Severity: 7.8 HIGH
  • Impacted Products: N-able N-central: before 2025.3.1
  • Description: Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8875
  • PoC:

CVE-2025-8730

  • Severity: 9.8 CRITICAL
  • Impacted Products: Belkin F9K1009 2.00.04, Belkin F9K1010 2.00.09
  • Description: A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8730
  • PoC:

CVE-2025-8699

  • Severity: 9.1 CRITICAL
  • Impacted Products: KioSoft “Stored Value” Unattended Payment Solutions
  • Description: The account balance is stored on an insecure MiFare Classic NFC card in some KioSoft “Stored Value” Unattended Payment Solutions. This means the cards can be read and written back. By manipulating the right field, one can “create money out of thin air” and use it to pay for goods.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8699
  • PoC:

CVE-2025-8625

  • Severity: 9.8 CRITICAL
  • Impacted Products: Copypress Rest API plugin for WordPress 1.1 to 1.2
  • Description: The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreap_handle_image() Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachments.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8625
  • PoC:

CVE-2025-8570

  • Severity: 9.8 CRITICAL
  • Impacted Products: BeyondCart Connector plugin for WordPress, 1.4.2 through 2.1.0
  • Description: The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determine_current_user filter in versions 1.4.2 through 2.1.0. This makes it possible for unauthenticated attackers to craft valid tokens and assume any user’s identity.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8570
  • PoC:

CVE-2025-8359

  • Severity: 9.8 CRITICAL
  • Impacted Products: AdForest theme for WordPress, 6.0.9
  • Description: The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not properly verifying a user’s identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as other users, including administrators, without access to a password.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8359
  • PoC:

CVE-2025-8355

  • Severity: 7.5 HIGH
  • Impacted Products: Xerox FreeFlow Core 8.0.4
  • Description: In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery (SSRF).
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8355
  • PoC:

CVE-2025-7851

CVE-2025-7441

  • Severity: 9.8 CRITICAL
  • Impacted Products: StoryChief plugin for WordPress, 1.0.42
  • Description: The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-7441
  • PoC:

CVE-2025-7401

  • Severity: 9.8 CRITICAL
  • Impacted Products: Premium Age Verification / Restriction for WordPress plugin, 3.0.2
  • Description: The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to arbitrary file read and write due to the existence of an insufficiently protected remote support functionality in remote_tunnel.php in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to read from or write to arbitrary files on the affected site’s server which may make the exposure of sensitive information or remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-7401
  • PoC:

CVE-2025-6934

  • Severity: 9.8 CRITICAL
  • Impacted Products: Opal Estate Pro – Property Management and Submission plugin for WordPress, FullHouse - Real Estate Responsive WordPress Theme, 1.7.5
  • Description: The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to privilege escalation via in all versions up to, and including, 1.7.5. This is due to a lack of role restriction during registration in the ‘on_regiser_user’ function. This makes it possible for unauthenticated attackers to arbitrarily choose the role, including the Administrator role, assigned when registering.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6934
  • PoC:

CVE-2025-6715

  • Severity: 9.8 CRITICAL
  • Impacted Products: LatePoint WordPress plugin before 5.1.94
  • Description: The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6715
  • PoC:

CVE-2025-66438

  • Severity: 9.8 CRITICAL
  • Impacted Products: Frappe ERPNext through 15.89.0
  • Description: A Server-Side Template Injection (SSTI) vulnerability exists in the Frappe ERPNext through 15.89.0 Print Format rendering mechanism. Specifically, the API frappe.www.printview.get_html_and_style() triggers the rendering of the html field inside a Print Format document using frappe.render_template(template, doc) via the get_rendered_template() call chain.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-66438
  • PoC:

CVE-2025-66434

  • Severity: 8.8 HIGH
  • Impacted Products: Frappe ERPNext through 15.89.0
  • Description: An SSTI (Server-Side Template Injection) vulnerability exists in the get_dunning_letter_text method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates (body_text) using frappe.render_template() with a user-supplied context (doc). Although Frappe uses a custom SandboxedEnvironment, several dangerous globals such as frappe.db.sql are still available in the execution context via get_safe_globals().
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-66434
  • PoC:

CVE-2025-66401

  • Severity: 9.8 CRITICAL
  • Impacted Products: MCP Watch 0.1.2 and earlier
  • Description: MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-66401
  • PoC:

CVE-2025-65741

  • Severity: 9.8 CRITICAL
  • Impacted Products: Sublime Text 3 Build 3208 or prior
  • Description: Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-65741
  • PoC:

CVE-2025-64522

  • Severity: 9.1 CRITICAL
  • Impacted Products: Soft Serve < 0.11.1
  • Description: Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where webhook URLs are not validated, allowing repository administrators to create webhooks targeting internal services, private networks, and cloud metadata endpoints. Version 0.11.1 fixes the vulnerability.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-64522
  • PoC:

CVE-2025-6440

  • Severity: 9.8 CRITICAL
  • Impacted Products: WooCommerce Designer Pro plugin for WordPress, 1.9.26
  • Description: The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company &amp;amp; Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the ‘wcdp_save_canvas_design_ajax’ function in all versions up to, and including, 1.9.26. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6440
  • PoC:

CVE-2025-64180

  • Severity: 9.0 CRITICAL
  • Impacted Products: Manager Desktop 25.11.1.3085 and below, Manager Server 25.11.1.3085 and below
  • Description: Manager-io/Manager is accounting software. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorized access to internal network resources. The flaw lies in the fundamental design of the DNS validation mechanism. A Time-of-Check Time-of-Use (TOCTOU) condition that allows attackers to bypass network isolation and access internal services, cloud metadata endpoints, and protected network segments.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-64180
  • PoC:

CVE-2025-64164

CVE-2025-64163

CVE-2025-6389

CVE-2025-63747

  • Severity: 9.8 CRITICAL
  • Impacted Products: QaTraq 6.9.2
  • Description: QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63747
  • PoC:

CVE-2025-63691

  • Severity: 9.6 CRITICAL
  • Impacted Products: pig-mesh In Pig version 3.8.2 and below
  • Description: In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System Management module, the token query interface (/api/admin/sys-token/page) has an improper permission verification issue, which leads to information leakage. This interface can be called by any user who has completed login authentication, and it returns the plaintext authentication Tokens of all users currently logged in to the system.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63691
  • PoC:

CVE-2025-63690

  • Severity: 9.1 CRITICAL
  • Impacted Products: pig-mesh Pig 3.8.2 and below, Tomcat
  • Description: In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management function under the system management module, it is possible to execute any Java class with a parameterless constructor and its methods with parameter type String through reflection. At this time, the eval method in Tomcat’s built-in class jakarta.el.ELProcessor can be used to execute commands, leading to a remote code execution vulnerability.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63690
  • PoC:

CVE-2025-63689

  • Severity: 8.8 HIGH
  • Impacted Products: ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59
  • Description: Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 (2025-09-14) allows a remote attacker to execute arbitrary code via the orderby parameter
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63689
  • PoC:

CVE-2025-63679

  • Severity: 5.3 MEDIUM
  • Impacted Products: free5gc v4.1.0 and before
  • Description: free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF receives an UplinkRANConfigurationTransfer NGAP message from a gNB, the AMF process crashes.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63679
  • PoC:

CVE-2025-63622

  • Severity: 9.8 CRITICAL
  • Impacted Products: code-projects Online Complaint Site 1.0
  • Description: A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63622
  • PoC:

CVE-2025-63453

  • Severity: 9.8 CRITICAL
  • Impacted Products: Car-Booking-System-PHP v.1.0
  • Description: Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63453
  • PoC:

CVE-2025-63452

  • Severity: 9.4 CRITICAL
  • Impacted Products: Car-Booking-System-PHP v.1.0
  • Description: Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63452
  • PoC:

CVE-2025-63451

  • Severity: 9.8 CRITICAL
  • Impacted Products: Car-Booking-System-PHP v.1.0
  • Description: Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63451
  • PoC:

CVE-2025-63416

CVE-2025-63353

  • Severity: 6.3 MEDIUM
  • Impacted Products: FiberHome GPON ONU HG6145F1 RP4423
  • Description: A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device’s factory default Wi-Fi password (WPA/WPA2 pre-shared key) to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an attacker who can observe the SSID to predict the default password without authentication or user interaction.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63353
  • PoC:

CVE-2025-63334

  • Severity: 9.8 CRITICAL
  • Impacted Products: PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1
  • Description: PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execute arbitrary commands with root privileges on the underlying system.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-63334
  • PoC:

CVE-2025-62515

  • Severity: 9.8 CRITICAL
  • Impacted Products: pyquokka 0.3.1 and prior
  • Description: pyquokka is a framework for making data lakes work for time series. In versions 0.3.1 and prior, the FlightServer class directly uses pickle.loads() to deserialize action bodies received from Flight clients without any sanitization or validation in the do_action() method. The vulnerable code is located in pyquokka/flight.py at line 283 where arbitrary data from Flight clients is directly passed to pickle.loads().
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-62515
  • PoC:

CVE-2025-62353

  • Severity: 9.8 CRITICAL
  • Impacted Products: Windsurf IDE
  • Description: A path traversal vulnerability in all versions of the Windsurf IDE enables a threat actor to read and write arbitrary local files in and outside of current projects on an end user’s system. The vulnerability can be reached directly and through indirect prompt injection.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-62353
  • PoC:

CVE-2025-6218

CVE-2025-62168

CVE-2025-6205

  • Severity: 9.1 CRITICAL
  • Impacted Products: Dassault Systèmes DELMIA Apriso
  • Description: Dassault Systèmes DELMIA Apriso is affected by a missing authorization vulnerability in its SOAP message processor component. This flaw allows an unauthenticated remote attacker to create new accounts with administrative privileges by sending specially crafted XML requests.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6205
  • PoC:

CVE-2025-61913

CVE-2025-6179

  • Severity: 4.4 MEDIUM
  • Impacted Products: Google ChromeOS 16181.27.0
  • Description: Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6179
  • PoC:

CVE-2025-6169

  • Severity: 9.8 CRITICAL
  • Impacted Products: WIMP website co-construction management platform
  • Description: The WIMP website co-construction management platform from HAMASTAR Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6169
  • PoC:

CVE-2025-61622

  • Severity: 9.8 CRITICAL
  • Impacted Products: pyfory 0.12.0 through 0.12.2, pyfury 0.1.0 through 0.10.3
  • Description: Deserialization of untrusted data in python in pyfory versions 0.12.0 through 0.12.2, or the legacy pyfury versions from 0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources. An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of pickle.loads, which is vulnerable to remote code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-61622
  • PoC:

CVE-2025-61605

CVE-2025-61603

CVE-2025-61481

  • Severity: 10.0 CRITICAL
  • Impacted Products: MikroTik RouterOS v.7.14.2, SwOS v.2.18
  • Description: An issue in MikroTik RouterOS v.7.14.2 and SwOS v.2.18 exposes the WebFig management interface over cleartext HTTP by default, allowing an on-path attacker to execute injected JavaScript in the administrator’s browser and intercept credentials.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-61481
  • PoC:

CVE-2025-61455

  • Severity: 9.8 CRITICAL
  • Impacted Products: Bhabishya-123 E-commerce 1.0
  • Description: SQL Injection vulnerability exists in Bhabishya-123 E-commerce 1.0, specifically within the signup.inc.php endpoint. The application directly incorporates unsanitized user inputs into SQL queries, allowing unauthenticated attackers to bypass authentication and gain full access.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-61455
  • PoC:

CVE-2025-61304

  • Severity: 8.8 HIGH
  • Impacted Products: Dynatrace ActiveGate ping extension up to 1.016
  • Description: OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-61304
  • PoC:

CVE-2025-61128

  • Severity: 9.1 CRITICAL
  • Impacted Products: WAVLINK QUANTUM D3G/WL-WN530HG3 firmware M30HG3_V240730
  • Description: Stack-based buffer overflow vulnerability in WAVLINK QUANTUM D3G/WL-WN530HG3 firmware M30HG3_V240730, and possibly other wavlink models allows attackers to execute arbitrary code via crafted referrer value POST to login.cgi.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-61128
  • PoC:

CVE-2025-61043

CVE-2025-60854

  • Severity: 9.8 CRITICAL
  • Impacted Products: D-Link R15 (AX1500) 1.20.01 and below
  • Description: A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-60854
  • PoC:

CVE-2025-60803

  • Severity: 9.8 CRITICAL
  • Impacted Products: Antabot White-Jotter up to commit 9bcadc
  • Description: Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the component /api/aaa;/../register.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-60803
  • PoC:

CVE-2025-6065

  • Severity: 9.1 CRITICAL
  • Impacted Products: Image Resizer On The Fly plugin for WordPress, 1.1
  • Description: The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ‘delete’ task in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-6065
  • PoC:

CVE-2025-59934

  • Severity: 9.4 CRITICAL
  • Impacted Products: Formbricks < 4.0.1
  • Description: Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the token’s signature, expiration, issuer, or audience.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59934
  • PoC:

CVE-2025-59834

CVE-2025-59832

  • Severity: 9.9 CRITICAL
  • Impacted Products: Horilla, prior to version 1.4.0
  • Description: Horilla is a free and open source Human Resource Management System (HRMS). Prior to version 1.4.0, there is a stored XSS vulnerability in the ticket comment editor. A low-privilege authenticated user could run arbitrary JavaScript in an admin’s browser, exfiltrate the admin’s cookies/CSRF token, and hijack their session. This issue has been patched in version 1.4.0.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59832
  • PoC:

CVE-2025-5947

  • Severity: 9.8 CRITICAL
  • Impacted Products: Service Finder Bookings plugin for WordPress, 6.0
  • Description: The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user’s cookie value prior to logging them in through the service_finder_switch_back() function. This makes it possible for unauthenticated attackers to login as any user including admins.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5947
  • PoC:

CVE-2025-59407

  • Severity: 9.8 CRITICAL
  • Impacted Products: Flock Safety DetectionProcessing 6.35.33
  • Description: The Flock Safety DetectionProcessing com.flocksafety.android.objects application 6.35.33 for Android (installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices) bundles a Java Keystore (flock_rye.bks) along with its hardcoded password (flockhibiki17) in its code. The keystore contains a private key.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59407
  • PoC:

CVE-2025-59396

  • Severity: 9.8 CRITICAL
  • Impacted Products: WatchGuard Firebox
  • Description: The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 with the readwrite password for the admin account.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59396
  • PoC:

CVE-2025-59390

  • Severity: 9.8 CRITICAL
  • Impacted Products: Apache Druid 34.0.0
  • Description: Apache Druid’s Kerberos authenticator, when not explicitly configured with druid.auth.authenticator.kerberos.cookieSignatureSecret, generates a weak fallback secret using ThreadLocalRandom, enabling potential authentication bypass or token forgery. This also causes authentication failures in distributed deployments due to inconsistent secrets across nodes.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59390
  • PoC:

CVE-2025-59359

  • Severity: 9.8 CRITICAL
  • Impacted Products: Chaos Controller Manager
  • Description: The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59359
  • PoC:

CVE-2025-59352

CVE-2025-59340

CVE-2025-59304

CVE-2025-59159

  • Severity: 9.6 CRITICAL
  • Impacted Products: SillyTavern < 1.13.4
  • Description: SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing attackers to perform actions like install malicious extensions, read chats, inject arbitrary HTML for phishing attacks, etc.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59159
  • PoC:

CVE-2025-59053

  • Severity: 9.6 CRITICAL
  • Impacted Products: AIRI v0.7.2-beta.2, AIRI v0.7.2-beta.3
  • Description: AIRI is a self-hosted, artificial intelligence based Grok Companion. In v0.7.2-beta.2 in the packages/stage-ui/src/components/MarkdownRenderer.vue path, the Markdown content is processed using the useMarkdown composable, and the processed HTML is rendered directly into the DOM using v-html.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-59053
  • PoC:

CVE-2025-58746

  • Severity: 9.0 CRITICAL
  • Impacted Products: Volkov Labs Business Links panel for Grafana, prior to version 2.4.0
  • Description: The Volkov Labs Business Links panel for Grafana provides an interface to navigate using external links, internal dashboards, time pickers, and dropdown menus. Prior to version 2.4.0, a malicious actor with Editor privileges can escalate their privileges to Administrator and perform arbitrary administrative actions. This is possible because the plugin allows arbitrary JavaScript code injection in the [Layout] → [Link] → [URL] field. Version 2.4.0 contains a fix for the issue.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-58746
  • PoC:

CVE-2025-58434

CVE-2025-58360

CVE-2025-5821

  • Severity: 9.8 CRITICAL
  • Impacted Products: Case Theme User plugin for WordPress, 1.0.3
  • Description: The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebook_ajax_login_callback(). This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site, and access to the administrative user’s email.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5821
  • PoC:

CVE-2025-57631

  • Severity: 9.8 CRITICAL
  • Impacted Products: TDuckCloud v.5.1
  • Description: SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57631
  • PoC:

CVE-2025-57347

  • Severity: 9.8 CRITICAL
  • Impacted Products: dagre-d3-es 7.0.9, dagre-d3-es < 7.0.11
  • Description: A vulnerability exists in the ‘dagre-d3-es’ Node.js package version 7.0.9, specifically within the ‘bk’ module’s addConflict function, which fails to properly sanitize user-supplied input during property assignment operations. This flaw allows attackers to exploit prototype pollution vulnerabilities by injecting malicious input values (e.g., “__proto__"), enabling unauthorized modification of the JavaScript Object prototype chain.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57347
  • PoC:

CVE-2025-57321

  • Severity: 9.8 CRITICAL
  • Impacted Products: magix-combine-ex versions thru 1.2.10
  • Description: A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57321
  • PoC:

CVE-2025-57285

  • Severity: 9.8 CRITICAL
  • Impacted Products: codeceptjs 3.7.3
  • Description: codeceptjs 3.7.3 contains a command injection vulnerability in the emptyFolder function (lib/utils.js). The execSync command directly concatenates the user-controlled directoryPath parameter without sanitization or escaping, allowing attackers to execute arbitrary commands.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57285
  • PoC:

CVE-2025-57266

  • Severity: 7.5 HIGH
  • Impacted Products: ThriveX Blogging Framework 2.5.9, ThriveX Blogging Framework 3.1.3
  • Description: An issue was discovered in file AssistantController.java in ThriveX Blogging Framework 2.5.9 thru 3.1.3 allowing unauthenticated attackers to gain sensitive information such as API Keys via the /api/assistant/list endpoint.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57266
  • PoC:

CVE-2025-57247

  • Severity: 9.1 CRITICAL
  • Impacted Products: BATBToken, Compiler Version v0.8.26+commit.8a97fa7a
  • Description: The BATBToken smart contract (address 0xfbf1388408670c02f0dbbb74251d8ded1d63b7a2, Compiler Version v0.8.26+commit.8a97fa7a) contains incorrect access control implementation in whitelist management functions. The setColdWhiteList() and setSpecialAddress() functions in the base ERC20 contract are declared as public without proper access control modifiers, allowing any user to bypass transfer restrictions and manipulate special address settings.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57247
  • PoC:

CVE-2025-57174

  • Severity: 9.8 CRITICAL
  • Impacted Products: Siklu Communications Etherhaul 8010TX, Siklu Communications Etherhaul 1200FX, Firmware 7.4.0 through 10.7.3
  • Description: An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all devices, allowing attackers to craft encrypted packets that execute arbitrary commands without authentication.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57174
  • PoC:

CVE-2025-57141

  • Severity: 9.8 CRITICAL
  • Impacted Products: rsbi-os 4.7
  • Description: rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57141
  • PoC:

CVE-2025-57119

  • Severity: 9.8 CRITICAL
  • Impacted Products: Online Library Management System v.3.0
  • Description: An issue in Online Library Management System v.3.0 allows an attacker to escalate privileges via the adminlogin.php component and the Login function
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57119
  • PoC:

CVE-2025-57108

  • Severity: 9.8 CRITICAL
  • Impacted Products: Kitware VTK 9.5.0
  • Description: Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files with corrupted or invalid mesh reference structures.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57108
  • PoC:

CVE-2025-57105

  • Severity: 9.8 CRITICAL
  • Impacted Products: D-Link DI-7400G+
  • Description: The D-Link DI-7400G+ router is affected by a command injection vulnerability in its jhttpd web server component. This flaw allows an attacker to execute arbitrary commands on the device by manipulating parameters processed by the administrative web interface.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57105
  • PoC:

CVE-2025-57085

  • Severity: 9.8 CRITICAL
  • Impacted Products: Tenda W30E V16.01.0.19
  • Description: Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-57085
  • PoC:

CVE-2025-5701

  • Severity: 9.8 CRITICAL
  • Impacted Products: HyperComments plugin for WordPress, 1.2.2
  • Description: The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hc_request_handler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5701
  • PoC:

CVE-2025-56819

  • Severity: 9.8 CRITICAL
  • Impacted Products: Datart v.1.0.0-rc.3
  • Description: Datart v.1.0.0-rc.3 is susceptible to a remote code execution vulnerability stemming from improper neutralization of special elements in the INIT connection parameter of H2 JDBC URLs. This flaw allows a remote attacker to execute arbitrary operating system commands on the server.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-56819
  • PoC:

CVE-2025-56749

  • Severity: 9.4 CRITICAL
  • Impacted Products: Creativeitem Academy LMS 6.14
  • Description: Creativeitem Academy LMS up to and including 6.14 uses a hardcoded default JWT secret for token signing. This predictable secret allows attackers to forge valid JWT tokens, leading to authentication bypass and unauthorized access to any user account.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-56749
  • PoC:

CVE-2025-56683

  • Severity: 9.6 CRITICAL
  • Impacted Products: Logseq v0.10.9
  • Description: A cross-site scripting (XSS) vulnerability in the component /app/marketplace.html of Logseq v0.10.9 allows attackers to execute arbitrary code via injecting arbitrary Javascript into a crafted README.md file.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-56683
  • PoC:

CVE-2025-56513

CVE-2025-56447

CVE-2025-56231

  • Severity: 9.1 CRITICAL
  • Impacted Products: Tonec Internet Download Manager 6.42.41.1
  • Description: Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validation, which allows attackers to bypass update protections.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-56231
  • PoC:

CVE-2025-55835

  • Severity: 9.8 CRITICAL
  • Impacted Products: SueamCMS v.0.1.2
  • Description: File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-55835
  • PoC:

CVE-2025-55575

  • Severity: 9.8 CRITICAL
  • Impacted Products: SMM Panel 3.1
  • Description: SQL Injection vulnerability in SMM Panel 3.1 allowing remote attackers to gain sensitive information via a crafted HTTP request with action=service_detail.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-55575
  • PoC:

CVE-2025-54988

CVE-2025-54875

CVE-2025-54726

  • Severity: 9.3 CRITICAL
  • Impacted Products: JS Archive List: from n/a through n/a
  • Description: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Miguel Useche JS Archive List allows SQL Injection. This issue affects JS Archive List: from n/a through n/a.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-54726
  • PoC:

CVE-2025-54309

CVE-2025-5419

CVE-2025-54123

CVE-2025-54122

  • Severity: 10.0 CRITICAL
  • Impacted Products: Manager-io/Manager Desktop 25.7.18.2519, Manager-io/Manager Server 25.7.18.2519
  • Description: Manager-io/Manager is accounting software. A critical unauthenticated full read Server-Side Request Forgery (SSRF) vulnerability has been identified in the proxy handler component of both manager Desktop and Server edition versions up to and including 25.7.18.2519.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-54122
  • PoC:

CVE-2025-53693

  • Severity: 9.8 CRITICAL
  • Impacted Products: Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4, Sitecore Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4
  • Description: Use of Externally-Controlled Input to Select Classes or Code (‘Unsafe Reflection’) vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-53693
  • PoC:

CVE-2025-5305

  • Severity: 9.8 CRITICAL
  • Impacted Products: Password Reset with Code for WordPress REST API, before 0.0.17
  • Description: The Password Reset with Code for WordPress REST API WordPress plugin before 0.0.17 does not use cryptographically sound algorithms to generate OTP codes, potentially leading to account takeovers.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5305
  • PoC:

CVE-2025-5288

  • Severity: 9.8 CRITICAL
  • Impacted Products: The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress, versions 1.0.0 to 2.0.3
  • Description: The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the process_handler() function in versions 1.0.0 to 2.0.3. This makes it possible for unauthenticated attackers to POST an arbitrary import_api URL, import specially crafted JSON, and thereby create a new user with full Administrator privileges.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5288
  • PoC:

CVE-2025-52688

  • Severity: 9.8 CRITICAL
  • Impacted Products: No specific product names or versions are mentioned in the CVE description provided.
  • Description: Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-52688
  • PoC:

CVE-2025-52385

  • Severity: 9.8 CRITICAL
  • Impacted Products: Studio 3T v.2025.1.0 and before
  • Description: An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-52385
  • PoC:

CVE-2025-52053

  • Severity: 9.8 CRITICAL
  • Impacted Products: TOTOLINK X6000R V9.4.0cu.1360_B20241207
  • Description: TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_417D74 function via the file_name parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-52053
  • PoC:

CVE-2025-52046

  • Severity: 9.8 CRITICAL
  • Impacted Products: Totolink A3300R V17.0.0cu.596_B20250515
  • Description: Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in the sub_4197C0 function via the mac and desc parameters. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-52046
  • PoC:

CVE-2025-52021

  • Severity: 9.8 CRITICAL
  • Impacted Products: PuneethReddyHC Online Shopping System Advanced 1.0
  • Description: A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The product_id GET parameter is unsafely passed to a SQL query without proper validation or parameterization.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-52021
  • PoC:

CVE-2025-51682

  • Severity: 9.8 CRITICAL
  • Impacted Products: mJobtime 15.7.2
  • Description: mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-51682
  • PoC:

CVE-2025-51390

  • Severity: 9.8 CRITICAL
  • Impacted Products: TOTOLINK N600R V4.3.0cu.7647_B20210106
  • Description: TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-51390
  • PoC:

CVE-2025-5099

  • Severity: 8.1 HIGH
  • Impacted Products: No specific product names or versions are mentioned in the provided CVE description.
  • Description: An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5099
  • PoC:

CVE-2025-5095

  • Severity: 9.8 CRITICAL
  • Impacted Products: Burk Technology ARC Solo
  • Description: Burk Technology ARC Solo’s password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device’s HTTP endpoint without providing valid credentials. The system does not enforce proper authentication or session validation, allowing the password change to proceed without verifying the request’s legitimacy.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-5095
  • PoC:

CVE-2025-50904

  • Severity: 9.8 CRITICAL
  • Impacted Products: WinterChenS my-site
  • Description: There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50904
  • PoC:

CVE-2025-50756

  • Severity: 9.8 CRITICAL
  • Impacted Products: Wavlink WN535K3 20191010
  • Description: Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the newpass parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50756
  • PoC:

CVE-2025-50754

  • Severity: 9.6 CRITICAL
  • Impacted Products: Unisite CMS 5.0
  • Description: Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the “Report” functionality. A malicious script submitted by an attacker is rendered in the admin panel when viewed by an administrator. This allows attackers to hijack the admin session and, by leveraging the template editor, upload and execute a PHP web shell on the server, leading to full remote code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50754
  • PoC:

CVE-2025-50722

  • Severity: 9.8 CRITICAL
  • Impacted Products: sparkshop v.1.1.7
  • Description: Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50722
  • PoC:

CVE-2025-50692

CVE-2025-50578

  • Severity: 6.3 MEDIUM
  • Impacted Products: LinuxServer.io heimdall 2.6.3-ls307
  • Description: LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically X-Forwarded-Host and Referer. An unauthenticated remote attacker can manipulate these headers to perform Host Header Injection and Open Redirect attacks. This allows the loading of external resources from attacker-controlled domains and unintended redirection of users, potentially enabling phishing, UI redress, and session theft.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50578
  • PoC:

CVE-2025-50475

  • Severity: 9.8 CRITICAL
  • Impacted Products: Russound MBX-PRE-D67F firmware version 3.1.6
  • Description: An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute arbitrary commands as root via crafted input to the hostname parameter in network configuration requests. This vulnerability stems from improper neutralization of special elements used in an OS command within the network configuration handler, enabling remote code execution with the highest privileges.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50475
  • PoC:

CVE-2025-50472

  • Severity: 9.8 CRITICAL
  • Impacted Products: modelscope/ms-swift thru 2.6.1
  • Description: The modelscope/ms-swift library thru 2.6.1 is vulnerable to arbitrary code execution through deserialization of untrusted data within the load\_model\_meta() function of the ModelFileSystemCache() class. Attackers can execute arbitrary code and commands by crafting a malicious serialized .mdl payload, exploiting the use of pickle.load() on data from potentially untrusted sources.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50472
  • PoC:

CVE-2025-50460

  • Severity: 9.8 CRITICAL
  • Impacted Products: ms-swift 3.3.0, PyYAML 5.3.1
  • Description: A remote code execution (RCE) vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load() from the PyYAML library (versions = 5.3.1). If an attacker can control the content of the YAML configuration file passed to the –run_config parameter, arbitrary code can be executed during deserialization. This can lead to full system compromise.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50460
  • PoC:

CVE-2025-50428

CVE-2025-50341

  • Severity: 9.8 CRITICAL
  • Impacted Products: Axelor 5.2.4
  • Description: A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain parameter. An attacker can manipulate the SQL query logic and determine true/false conditions, potentially leading to data exposure or further exploitation.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-50341
  • PoC:

CVE-2025-50201

CVE-2025-49655

  • Severity: 9.8 CRITICAL
  • Impacted Products: Keras 3.11.0, Keras 3.11.1, Keras 3.11.2
  • Description: Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being enabled. The vulnerability can be triggered through both local and remote files.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-49655
  • PoC:

CVE-2025-49388

  • Severity: 9.8 CRITICAL
  • Impacted Products: Miraculous Core Plugin: from n/a through 2.0.7
  • Description: Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin allows Privilege Escalation. This issue affects Miraculous Core Plugin: from n/a through 2.0.7.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-49388
  • PoC:

CVE-2025-49223

  • Severity: 9.8 CRITICAL
  • Impacted Products: billboard.js < 3.15.1
  • Description: billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-49223
  • PoC:

CVE-2025-49136

CVE-2025-49132

  • Severity: 10.0 CRITICAL
  • Impacted Products: Pterodactyl < 1.11.11
  • Description: Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it could be used to gain access to the Panel’s server, read credentials from the Panel’s config, extract sensitive information from the database, access files of servers managed by the panel, etc.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-49132
  • PoC:

CVE-2025-49029

  • Severity: 9.1 CRITICAL
  • Impacted Products: Custom Login And Signup Widget: from n/a through 1.0
  • Description: Improper Control of Generation of Code (‘Code Injection’) vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-49029
  • PoC:

CVE-2025-49002

CVE-2025-48543

CVE-2025-48129

  • Severity: 9.8 CRITICAL
  • Impacted Products: Spreadsheet Price Changer for WooCommerce, WP E-commerce – Light: from n/a through 2.4.37
  • Description: Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Privilege Escalation. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-48129
  • PoC:

CVE-2025-47916

CVE-2025-47776

CVE-2025-47646

  • Severity: 9.8 CRITICAL
  • Impacted Products: Gilblas Ngunte Possi PSW Front-end Login & Registration: n/a, 1.13
  • Description: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration allows Password Recovery Exploitation. This issue affects PSW Front-end Login & Registration: from n/a through 1.13.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-47646
  • PoC:

CVE-2025-47577

  • Severity: 10.0 CRITICAL
  • Impacted Products: TI WooCommerce Wishlist: from n/a before 2.10.0
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Upload a Web Shell to a Web Server.This issue affects TI WooCommerce Wishlist: from n/a before 2.10.0.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-47577
  • PoC:

CVE-2025-47539

  • Severity: 9.8 CRITICAL
  • Impacted Products: Eventin: from n/a through 4.0.26
  • Description: Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation. This issue affects Eventin: from n/a through 4.0.26.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-47539
  • PoC:

CVE-2025-47151

CVE-2025-4664

CVE-2025-4631

  • Severity: 9.8 CRITICAL
  • Impacted Products: Profitori plugin for WordPress 2.0.6.0 to 2.1.1.3
  • Description: The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktend_object endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to trigger the save_object_as_user() function for objects whose ‘_datatype’ is set to ‘users’,.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4631
  • PoC:

CVE-2025-46271

  • Severity: 9.1 CRITICAL
  • Impacted Products: UNI-NMS-Lite
  • Description: UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or manipulate device data.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-46271
  • PoC:

CVE-2025-46157

  • Severity: 9.9 CRITICAL
  • Impacted Products: EfroTech Time Trax v.1.0
  • Description: An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-46157
  • PoC:

CVE-2025-4606

  • Severity: 9.8 CRITICAL
  • Impacted Products: Sala - Startup & SaaS WordPress Theme, 1.1.4
  • Description: The Sala - Startup & SaaS WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.4. This is due to the theme not properly validating a user’s identity prior to updating their details like password. This makes it possible for unauthenticated attackers to change arbitrary user’s passwords, including administrators, and leverage that to gain access to their account.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4606
  • PoC:

CVE-2025-45988

CVE-2025-45984

CVE-2025-45890

  • Severity: 7.2 HIGH
  • Impacted Products: novel plus before v.5.1.0
  • Description: Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45890
  • PoC:

CVE-2025-45857

  • Severity: 9.8 CRITICAL
  • Impacted Products: EDIMAX CV7428NS v1.20
  • Description: EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via the command parameter in the mp function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45857
  • PoC:

CVE-2025-45814

  • Severity: 9.8 CRITICAL
  • Impacted Products: NS3000 v8.1.1.125110, NS3000 v7.2.8.124852, NS3000 v7.x, NS2000 v7.02.08
  • Description: Missing authentication checks in the query.fcgi endpoint of NS3000 v8.1.1.125110 , v7.2.8.124852 , and v7.x and NS2000 v7.02.08 allows attackers to execute a session hijacking attack.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45814
  • PoC:

CVE-2025-45813

CVE-2025-4578

  • Severity: 9.8 CRITICAL
  • Impacted Products: File Provider WordPress plugin, 1.2.3
  • Description: The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4578
  • PoC:

CVE-2025-45777

  • Severity: 9.8 CRITICAL
  • Impacted Products: Chavara Family Welfare Centre Chavara Matrimony Site v2.0
  • Description: An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows attackers to bypass authentication via supplying a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45777
  • PoC:

CVE-2025-45616

  • Severity: 9.8 CRITICAL
  • Impacted Products: brcc v1.2.0
  • Description: Incorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45616
  • PoC:

CVE-2025-45615

  • Severity: 9.8 CRITICAL
  • Impacted Products: yaoqishan v0.0.1-SNAPSHOT
  • Description: Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45615
  • PoC:

CVE-2025-45611

  • Severity: 9.8 CRITICAL
  • Impacted Products: hope-boot v1.0.0
  • Description: Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to bypass authentication via a crafted GET request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45611
  • PoC:

CVE-2025-45583

  • Severity: 9.1 CRITICAL
  • Impacted Products: Audi UTR 2.0 Universal Traffic Recorder 2.0
  • Description: Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-45583
  • PoC:

CVE-2025-45018

CVE-2025-44894

CVE-2025-44893

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter in the web_acl_mgmt_Rules_Apply_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44893
  • PoC:

CVE-2025-44891

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44891
  • PoC:

CVE-2025-44890

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44890
  • PoC:

CVE-2025-44888

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44888
  • PoC:

CVE-2025-44883

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44883
  • PoC:

CVE-2025-44881

CVE-2025-44880

CVE-2025-44868

  • Severity: 9.8 CRITICAL
  • Impacted Products: Wavlink WL-WN530H4 20220801
  • Description: Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the ping_test function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44868
  • PoC:

CVE-2025-4403

  • Severity: 9.8 CRITICAL
  • Impacted Products: Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress, 1.1.6
  • Description: The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.1.6 due to accepting a user‐supplied supported_type string and the uploaded filename without enforcing real extension or MIME checks within the upload() function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4403
  • PoC:

CVE-2025-4389

  • Severity: 9.8 CRITICAL
  • Impacted Products: Crawlomatic Multipage Scraper Post Generator plugin for WordPress, 2.6.8.1
  • Description: The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the crawlomatic_generate_featured_image() function in all versions up to, and including, 2.6.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4389
  • PoC:

CVE-2025-41646

CVE-2025-4094

  • Severity: 9.8 CRITICAL
  • Impacted Products: DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1
  • Description: The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4094
  • PoC:

CVE-2025-4009

  • Severity: 9.8 CRITICAL
  • Impacted Products: Evertz SDVN 3080ipx-10G
  • Description: The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among other features. The application has been developed in PHP with the webEASY SDK, also named ‘ewb’ by Evertz.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-4009
  • PoC:

CVE-2025-39601

  • Severity: 9.6 CRITICAL
  • Impacted Products: WPFactory Custom CSS, JS & PHP: from n/a through 2.4.1
  • Description: Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP allows Remote Code Inclusion. This issue affects Custom CSS, JS & PHP: from n/a through 2.4.1.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-39601
  • PoC:

CVE-2025-39596

  • Severity: 9.8 CRITICAL
  • Impacted Products: Quentn WP: from n/a through 1.2.8
  • Description: Weak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This issue affects Quentn WP: from n/a through 1.2.8.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-39596
  • PoC:

CVE-2025-39436

  • Severity: 9.1 CRITICAL
  • Impacted Products: I Draw: from n/a through 1.0
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using Malicious Files. This issue affects I Draw: from n/a through 1.0.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-39436
  • PoC:

CVE-2025-39401

  • Severity: 10.0 CRITICAL
  • Impacted Products: WPAMS: from n/a through 44.0
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through 44.0 (17-08-2023).
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-39401
  • PoC:

CVE-2025-36846

  • Severity: 9.8 CRITICAL
  • Impacted Products: Eveo URVE Web Manager 27.02.2025
  • Description: An issue was discovered in Eveo URVE Web Manager 27.02.2025. The application exposes a /_internal/pc/vpro.php localhost endpoint to unauthenticated users that is vulnerable to OS Command Injection. The endpoint takes an input parameter that is passed directly into the shell_exec() function of PHP. NOTE: this can be chained with CVE-2025-36845.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-36846
  • PoC:

CVE-2025-3605

  • Severity: 9.8 CRITICAL
  • Impacted Products: Frontend Login and Registration Blocks plugin for WordPress, 1.0.7
  • Description: The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user’s identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-3605
  • PoC:

CVE-2025-3604

  • Severity: 9.8 CRITICAL
  • Impacted Products: Flynax Bridge plugin for WordPress, 2.2.0
  • Description: The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user’s identity prior to updating their details like email. This makes it possible for unauthenticated attackers to change arbitrary user’s email addresses, including administrators, and leverage that to reset the user’s password and gain access to their account.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-3604
  • PoC:

CVE-2025-32682

  • Severity: 9.9 CRITICAL
  • Impacted Products: MapSVG Lite: from n/a through 8.5.34
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG Lite allows Upload a Web Shell to a Web Server. This issue affects MapSVG Lite: from n/a through 8.5.34.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32682
  • PoC:

CVE-2025-32641

  • Severity: 9.6 CRITICAL
  • Impacted Products: Anant Addons for Elementor: from n/a through 1.1.5
  • Description: Cross-Site Request Forgery (CSRF) vulnerability in anantaddons Anant Addons for Elementor allows Cross Site Request Forgery. This issue affects Anant Addons for Elementor: from n/a through 1.1.5.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32641
  • PoC:

CVE-2025-32583

  • Severity: 9.9 CRITICAL
  • Impacted Products: PDF 2 Post: from n/a through 2.4.0
  • Description: Improper Control of Generation of Code (‘Code Injection’) vulnerability in termel PDF 2 Post allows Remote Code Inclusion. This issue affects PDF 2 Post: from n/a through 2.4.0.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32583
  • PoC:

CVE-2025-32579

  • Severity: 9.9 CRITICAL
  • Impacted Products: Sync Posts: from n/a through 1.0
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts allows Upload a Web Shell to a Web Server. This issue affects Sync Posts: from n/a through 1.0.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32579
  • PoC:

CVE-2025-32432

CVE-2025-32375

CVE-2025-32206

  • Severity: 9.1 CRITICAL
  • Impacted Products: Processing Projects: from n/a through 1.0.2
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in LABCAT Processing Projects allows Upload a Web Shell to a Web Server. This issue affects Processing Projects: from n/a through 1.0.2.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32206
  • PoC:

CVE-2025-32140

  • Severity: 9.9 CRITICAL
  • Impacted Products: WP Remote Thumbnail: from n/a through 1.3.1
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in Nirmal Kumar Ram WP Remote Thumbnail allows Upload a Web Shell to a Web Server. This issue affects WP Remote Thumbnail: from n/a through 1.3.1.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32140
  • PoC:

CVE-2025-32118

  • Severity: 9.1 CRITICAL
  • Impacted Products: CMP – Coming Soon & Maintenance: from n/a through 4.1.13
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance allows Using Malicious Files. This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.13.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-32118
  • PoC:

CVE-2025-31033

  • Severity: 9.8 CRITICAL
  • Impacted Products: Buddypress Humanity: from n/a through 1.2
  • Description: Cross-Site Request Forgery (CSRF) vulnerability in Adam Nowak Buddypress Humanity allows Cross Site Request Forgery. This issue affects Buddypress Humanity: from n/a through 1.2.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-31033
  • PoC:

CVE-2025-30911

  • Severity: 9.9 CRITICAL
  • Impacted Products: Rometheme RomethemeKit For Elementor: from n/a through 1.5.4
  • Description: Improper Control of Generation of Code (‘Code Injection’) vulnerability in Rometheme RomethemeKit For Elementor allows Command Injection. This issue affects RomethemeKit For Elementor: from n/a through 1.5.4.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-30911
  • PoC:

CVE-2025-30154

CVE-2025-30135

  • Severity: 9.4 CRITICAL
  • Impacted Products: IROAD Dashcam FX2
  • Description: An issue was discovered on IROAD Dashcam FX2 devices. Dumping Files Over HTTP and RTSP Without Authentication can occur. It lacks authentication controls on its HTTP and RTSP interfaces, allowing attackers to retrieve sensitive files and video recordings. By connecting to http://192.168.10.1/mnt/extsd/event/, an attacker can download all stored video recordings in an unencrypted manner.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-30135
  • PoC:

CVE-2025-30066

  • Severity: 8.6 HIGH
  • Impacted Products: tj-actions changed-files v1 through v45.0.7
  • Description: tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)
  • Remediation:
  • More Info: NVD - CVE-2025-30066
  • PoC:

CVE-2025-29662

  • Severity: 9.8 CRITICAL
  • Impacted Products: LandChat 3.25.12.18
  • Description: A RCE vulnerability in the core application in LandChat 3.25.12.18 allows an unauthenticated attacker to execute system code via remote network access.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-29662
  • PoC:

CVE-2025-29631

CVE-2025-2945

CVE-2025-29384

  • Severity: 9.8 CRITICAL
  • Impacted Products: Tenda AC9 v1.0 V15.03.05.14_multi
  • Description: In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-29384
  • PoC:

CVE-2025-29269

CVE-2025-2907

  • Severity: 9.8 CRITICAL
  • Impacted Products: Order Delivery Date WordPress plugin before 12.3.1
  • Description: The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks when importing settings. Furthermore it also lacks proper checks to only update options relevant to the Order Delivery Date WordPress plugin before 12.3.1. This leads to attackers being able to modify the default_user_role to administrator and users_can_register, allowing them to register as an administrator of the site for complete site takeover.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-2907
  • PoC:

CVE-2025-29063

  • Severity: 9.8 CRITICAL
  • Impacted Products: BL-AC2100 V1.0.4 and before
  • Description: An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/set_hidessid_cfg is not handled properly.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-29063
  • PoC:

CVE-2025-29062

  • Severity: 9.8 CRITICAL
  • Impacted Products: BL-AC2100 <=V1.0.4
  • Description: An issue in BL-AC2100 <=V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters in the set_LimitClient_cfg of the goahead webservice.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-29062
  • PoC:

CVE-2025-29047

  • Severity: 9.8 CRITICAL
  • Impacted Products: ALFA WiFi CampPro router ALFA_CAMPRO-co-2.29
  • Description: Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-29047
  • PoC:

CVE-2025-29044

  • Severity: 9.8 CRITICAL
  • Impacted Products: Netgear R61 router V1.0.1.28
  • Description: Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-29044
  • PoC:

CVE-2025-29009

  • Severity: 10.0 CRITICAL
  • Impacted Products: Medical Prescription Attachment Plugin for WooCommerce: from n/a through 1.2.3
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Medical Prescription Attachment Plugin for WooCommerce: from n/a through 1.2.3.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-29009
  • PoC:

CVE-2025-2825

CVE-2025-28146

  • Severity: 9.8 CRITICAL
  • Impacted Products: Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15
  • Description: Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-28146
  • PoC:

CVE-2025-2812

  • Severity: 9.8 CRITICAL
  • Impacted Products: Ticket Sales Automation: before 03.04.2025
  • Description: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection.This issue affects Ticket Sales Automation: before 03.04.2025 (DD.MM.YYYY).
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-2812
  • PoC:

CVE-2025-28100

CVE-2025-27920

CVE-2025-27832

CVE-2025-2775

  • Severity: 9.3 CRITICAL
  • Impacted Products: SysAid On-Prem <= 23.3.40
  • Description: SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-2775
  • PoC:

CVE-2025-27590

CVE-2025-27520

CVE-2025-2747

CVE-2025-2746

CVE-2025-27224

  • Severity: 9.8 CRITICAL
  • Impacted Products: TRUfusion Enterprise 7.10.4.0
  • Description: TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload files. However, the application doesn’t properly sanitize the input to this endpoint, ultimately allowing path traversal sequences to be included. This can be used to write to any filename with any file type at any location on the local server, ultimately allowing execution of arbitrary code.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-27224
  • PoC:

CVE-2025-27007

CVE-2025-26892

  • Severity: 9.9 CRITICAL
  • Impacted Products: Celestial Aura: from n/a through 2.2
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Celestial Aura allows Using Malicious Files.This issue affects Celestial Aura: from n/a through 2.2.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-26892
  • PoC:

CVE-2025-26615

  • Severity: 10.0 CRITICAL
  • Impacted Products: WeGIA 3.2.14
  • Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Path Traversal vulnerability was discovered in the WeGIA application, examples.php endpoint. This vulnerability could allow an attacker to gain unauthorized access to sensitive information stored in config.php. config.php contains information that could allow direct access to the database. This issue has been addressed in version 3.2.14 and all users are advised to upgrade.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-26615
  • PoC:

CVE-2025-26199

  • Severity: 7.4 HIGH
  • Impacted Products: CloudClassroom-PHP-Project v1.0
  • Description: CloudClassroom-PHP-Project v1.0 is vulnerable to insecure transmission of user credentials. During the authentication process, passwords are submitted over unencrypted HTTP rather than HTTPS. This exposes sensitive information (i.e., usernames and passwords) to interception by network-based attackers using packet sniffing or Man-in-the-Middle (MitM) attacks.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-26199
  • PoC:

CVE-2025-26198

  • Severity: 9.8 CRITICAL
  • Impacted Products: CloudClassroom-PHP-Project v1.0
  • Description: A critical SQL Injection vulnerability exists in CloudClassroom-PHP-Project v1.0, specifically within the loginlinkadmin.php endpoint. Unsanitized input directly embedded into SQL queries allows attackers to manipulate query logic, bypass authentication, and gain unauthorized access.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-26198
  • PoC:

CVE-2025-26063

  • Severity: 6.3 MEDIUM
  • Impacted Products: Intelbras RX1500 v2.2.9, Intelbras RX3000 v1.0.11
  • Description: An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-26063
  • PoC:

CVE-2025-25388

CVE-2025-25279

  • Severity: 9.9 CRITICAL
  • Impacted Products: Mattermost 10.4.x <= 10.4.1, Mattermost 9.11.x <= 9.11.7, Mattermost 10.3.x <= 10.3.2, Mattermost 10.2.x <= 10.2.2
  • Description: Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-25279
  • PoC:

CVE-2025-24964

CVE-2025-24865

CVE-2025-24813

CVE-2025-23942

  • Severity: 9.1 CRITICAL
  • Impacted Products: WP Load Gallery: from n/a through 2.1.6
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows Upload a Web Shell to a Web Server. This issue affects WP Load Gallery: from n/a through 2.1.6.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-23942
  • PoC:

CVE-2025-23922

  • Severity: 7.3 HIGH
  • Impacted Products: iSpring Embedder: from n/a through 1.0
  • Description: Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through 1.0.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-23922
  • PoC:

CVE-2025-2345

  • Severity: 9.8 CRITICAL
  • Impacted Products: IROAD Dash Cam X5 up to 20250308, IROAD Dash Cam X6 up to 20250308
  • Description: A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-2345
  • PoC:

CVE-2025-23048

CVE-2025-22954

  • Severity: 10.0 CRITICAL
  • Impacted Products: Koha before 24.11.02
  • Description: GetLateOrMissingIssues in C4/Serials.pm in Koha before 24.11.02 allows SQL Injection in /serials/lateissues-export.pl via the supplierid or serialid parameter.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-22954
  • PoC:

CVE-2025-22916

  • Severity: 9.8 CRITICAL
  • Impacted Products: RE11S v1.11
  • Description: RE11S v1.11 was discovered to contain a stack overflow via the pppUserName parameter in the formPPPoESetup function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-22916
  • PoC:

CVE-2025-22913

  • Severity: 9.8 CRITICAL
  • Impacted Products: RE11S v1.11
  • Description: RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formStaDrvSetup function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-22913
  • PoC:
    • RE11S_1.11-formStaDrvSetup-StackOverflow

CVE-2025-22912

  • Severity: 9.8 CRITICAL
  • Impacted Products: RE11S v1.11
  • Description: RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-22912
  • PoC:

CVE-2025-22907

  • Severity: 9.8 CRITICAL
  • Impacted Products: RE11S v1.11
  • Description: RE11S v1.11 was discovered to contain a stack overflow via the selSSID parameter in the formWlSiteSurvey function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-22907
  • PoC:

CVE-2025-22906

  • Severity: 9.8 CRITICAL
  • Impacted Products: RE11S v1.11
  • Description: RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName parameter at /goform/setWAN.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-22906
  • PoC:

CVE-2025-22905

  • Severity: 9.8 CRITICAL
  • Impacted Products: RE11S v1.11
  • Description: RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter at /goform/mp.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-22905
  • PoC:

CVE-2025-22904

CVE-2025-21756

CVE-2025-20265

  • Severity: 10.0 CRITICAL
  • Impacted Products: Cisco Secure Firewall Management Center (FMC) Software
  • Description: A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-20265
  • PoC:

CVE-2025-20260

CVE-2025-20125

CVE-2025-20124

CVE-2025-2005

CVE-2025-1661

CVE-2025-1562

CVE-2025-14709

  • Severity: 9.8 CRITICAL
  • Impacted Products: Shiguangwu sgwbox N3 2.0.25
  • Description: A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue is some unknown functionality of the file /usr/sbin/http_eshell_server of the component WIRELESSCFGGET Interface. The manipulation of the argument params leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-14709
  • PoC:

CVE-2025-14708

CVE-2025-14707

CVE-2025-14705

CVE-2025-13780

CVE-2025-13595

  • Severity: 9.8 CRITICAL
  • Impacted Products: CIBELES AI plugin for WordPress, 1.10.8
  • Description: The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the ‘actualizador_git.php’ file in all versions up to, and including, 1.10.8. This makes it possible for unauthenticated attackers to download arbitrary GitHub repositories and overwrite plugin files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-13595
  • PoC:

CVE-2025-13342

  • Severity: 9.8 CRITICAL
  • Impacted Products: Frontend Admin by DynamiApps plugin for WordPress, 3.28.20
  • Description: The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validation in the ActionOptions::run() save handler. This makes it possible for unauthenticated attackers to modify critical WordPress options such as users_can_register, default_role, and admin_email via submitting crafted form data to public frontend forms.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-13342
  • PoC:

CVE-2025-1302

  • Severity: 9.8 CRITICAL
  • Impacted Products: jsonpath-plus < 10.3.0
  • Description: Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval=‘safe’ mode. **Note:** This is caused by an incomplete fix for [CVE-2024-21534](
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-1302
  • PoC:

CVE-2025-12762

  • Severity: 9.1 CRITICAL
  • Impacted Products: pgAdmin 9.9
  • Description: pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical risk to the integrity and security of the database management system and underlying data.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-12762
  • PoC:

CVE-2025-12735

CVE-2025-12463

  • Severity: 9.8 CRITICAL
  • Impacted Products: Geutebruck G-Cam E-Series Cameras EFD-2130 firmware version 1.12.0.19
  • Description: An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the Group parameter in the /uapi-cgi/viewer/Param.cgi script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-12463
  • PoC:

CVE-2025-11953

  • Severity: 9.8 CRITICAL
  • Impacted Products: Metro Development Server
  • Description: The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary executables. On Windows, the attackers can also execute arbitrary shell commands with fully controlled arguments.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11953
  • PoC:

CVE-2025-11849

  • Severity: 9.3 CRITICAL
  • Impacted Products: mammoth 0.3.25, mammoth before 1.11.0, org.zwobble.mammoth:mammoth before 1.11.0
  • Description: Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0 are vulnerable to Directory Traversal due to the lack of path or file type validation when processing a docx file containing an image with an external link (r:link attribute instead of embedded r:embed).
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11849
  • PoC:

CVE-2025-11833

  • Severity: 9.8 CRITICAL
  • Impacted Products: Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress, versions up to 3.6.0
  • Description: The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is affected by a missing authorization vulnerability in versions up to 3.6.0. This flaw allows unauthenticated attackers to read arbitrary logged emails, including password reset emails.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11833
  • PoC:

CVE-2025-11749

  • Severity: 9.8 CRITICAL
  • Impacted Products: AI Engine plugin for WordPress, 3.1.3
  • Description: The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the ‘Bearer Token’ value when ‘No-Auth URL’ is enabled. This makes it possible for unauthenticated attackers to extract the bearer token, which can be used to gain access to a valid session and perform many actions like creating a new administrator account, leading to privilege escalation.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11749
  • PoC:

CVE-2025-11533

  • Severity: 9.8 CRITICAL
  • Impacted Products: WP Freeio plugin for WordPress, 1.2.21
  • Description: The WP Freeio plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.21. This is due to the process_register() function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the ‘administrator’ role during registration and gain administrator access to the site.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11533
  • PoC:

CVE-2025-11391

  • Severity: 9.8 CRITICAL
  • Impacted Products: PPOM – Product Addons & Custom Fields for WooCommerce, 33.0.15
  • Description: The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-11391
  • PoC:

CVE-2025-11371

CVE-2025-11148

CVE-2025-10894

CVE-2025-10432

  • Severity: 9.8 CRITICAL
  • Impacted Products: Tenda AC1206 15.03.06.23
  • Description: A vulnerability was found in Tenda AC1206 15.03.06.23. This vulnerability affects the function check_param_changed of the file /goform/AdvSetMacMtuWa of the component HTTP Request Handler. Performing manipulation of the argument wanMTU results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-10432
  • PoC:

CVE-2025-10230

CVE-2025-1009

CVE-2025-10041

  • Severity: 9.8 CRITICAL
  • Impacted Products: Flex QR Code Generator plugin for WordPress, 1.2.5
  • Description: The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesave_qr_code_to_db() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-10041
  • PoC:

CVE-2025-0851

CVE-2025-0411

CVE-2025-0364

  • Severity: 9.8 CRITICAL
  • Impacted Products: BigAntSoft BigAnt Server, up to and including version 5.6.06
  • Description: BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the attacker can upload and execute arbitrary PHP code using the “Cloud Storage Addin,” leading to unauthenticated code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-0364
  • PoC:

CVE-2025-0316

  • Severity: 9.8 CRITICAL
  • Impacted Products: WP Directorybox Manager plugin for WordPress, 2.5
  • Description: The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the ‘wp_dp_enquiry_agent_contact_form_submit_callback’ function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-0316
  • PoC:

CVE-2024-8425

  • Severity: 9.8 CRITICAL
  • Impacted Products: WooCommerce Ultimate Gift Card plugin for WordPress, 2.6.0
  • Description: The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the ‘mwb_wgm_preview_mail’ and ‘mwb_wgm_woocommerce_add_cart_item_data’ functions in all versions up to, and including, 2.6.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-8425
  • PoC:

CVE-2024-7344

CVE-2024-6387

CVE-2024-58299

  • Severity: 9.8 CRITICAL
  • Impacted Products: PCMan FTP Server 2.0
  • Description: PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the ‘pwd’ command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-58299
  • PoC:

CVE-2024-57823

CVE-2024-57707

  • Severity: 8.8 HIGH
  • Impacted Products: DataEase v1
  • Description: An issue in DataEase v1 allows an attacker to execute arbitrary code via the user account and password components.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57707
  • PoC:

CVE-2024-57687

  • Severity: 8.8 HIGH
  • Impacted Products: PHPGurukul Land Record System v1.0
  • Description: An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the “Cookie” GET request parameter.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57687
  • PoC:

CVE-2024-57225

CVE-2024-57224

CVE-2024-57223

CVE-2024-57040

  • Severity: 9.8 CRITICAL
  • Impacted Products: TL-WR845N(UN)_V4_200909, TL-WR845N(UN)_V4_190219
  • Description: TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained by analyzing downloaded firmware or via a brute force attack through physical access to the router.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-57040
  • PoC:

CVE-2024-56249

  • Severity: 9.1 CRITICAL
  • Impacted Products: WPMasterToolKit: from n/a through 1.13.1
  • Description: Unrestricted Upload of File with Dangerous Type vulnerability in Webdeclic WPMasterToolKit allows Upload a Web Shell to a Web Server.This issue affects WPMasterToolKit: from n/a through 1.13.1.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-56249
  • PoC:

CVE-2024-55556

  • Severity: 9.8 CRITICAL
  • Impacted Products: Crater Invoice
  • Description: A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the APP_KEY to achieve remote command execution on the server by manipulating the laravel_session cookie, exploiting arbitrary deserialization through the encrypted session data. The exploitation vector of this vulnerability relies on an attacker obtaining Laravel’s secret APP_KEY, which would allow them to decrypt and manipulate session cookies (laravel_session) containing serialized data.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-55556
  • PoC:

CVE-2024-55194

CVE-2024-54879

  • Severity: 9.1 CRITICAL
  • Impacted Products: SeaCMS V13.1
  • Description: SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-54879
  • PoC:

CVE-2024-54819

CVE-2024-54502

CVE-2024-53924

  • Severity: 9.8 CRITICAL
  • Impacted Products: Pycel 1.0b30
  • Description: Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IF(A1=200, eval("__import__(‘os’).system( substring.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-53924
  • PoC:

CVE-2024-53584

CVE-2024-52786

  • Severity: 9.8 CRITICAL
  • Impacted Products: anji-plus AJ-Report up to v1.4.2
  • Description: An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated attackers to execute arbitrary code via a crafted URL.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-52786
  • PoC:

CVE-2024-50660

CVE-2024-50644

  • Severity: 9.8 CRITICAL
  • Impacted Products: blog
  • Description: There is an authentication bypass vulnerability in blog. An attacker can exploit this vulnerability to access /admin/ API without any token. The problem lies in using request.getRequestURI() to obtain the request path. The path obtained by this function will not parse special symbols, but will be passed on directly, so you can use ../ to bypass it.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-50644
  • PoC:

CVE-2024-48852

CVE-2024-48849

CVE-2024-48445

  • Severity: 9.8 CRITICAL
  • Impacted Products: compop.ca ONLINE MALL v.3.5.3
  • Description: An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-48445
  • PoC:

CVE-2024-46982

CVE-2024-45438

  • Severity: 9.1 CRITICAL
  • Impacted Products: TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101, TitanHQ SpamTitan Email Security Gateway 8.01.x before 8.01.14
  • Description: An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a non-existent email address is provided as part of the email parameter, SpamTitan will automatically create a user record and associate quarantine settings with it - all without requiring authentication.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-45438
  • PoC:

CVE-2024-32640

CVE-2024-13513

CVE-2024-12877

CVE-2024-12356

CVE-2024-12252

  • Severity: 9.8 CRITICAL
  • Impacted Products: SEO LAT Auto Post plugin for WordPress, 2.2.1
  • Description: The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remote_update AJAX action in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to overwrite the seo-beginner-auto-post.php file which can be leveraged to achieve remote code execution.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-12252
  • PoC:

CVE-2024-11972

CVE-2024-11613

  • Severity: 9.8 CRITICAL
  • Impacted Products: WordPress File Upload plugin for WordPress, 4.24.15
  • Description: The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the ‘wfu_file_downloader.php’ file. This is due to lack of proper sanitization of the ‘source’ parameter and allowing a user-defined directory path. This makes it possible for unauthenticated attackers to execute code on the server.
  • Remediation:
  • More Info: NVD - CVE-2024-11613
  • PoC:

CVE-2023-44752

CVE-2023-44221

CVE-2023-25610

CVE-2023-0386

CVE-2021-47667

  • Severity: 10.0 CRITICAL
  • Impacted Products: ZendTo 5.24-3, ZendTo 6.x before 6.10-7
  • Description: An OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3 through 6.x before 6.10-7 allows unauthenticated remote attackers to execute arbitrary commands via shell metacharacters in the tmp_name parameter when dropping off a file via a POST /dropoff request.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2021-47667
  • PoC:

CVE-2021-44790

CVE-2021-34523

CVE-2021-34473

CVE-2021-31207

CVE-2021-26828

CVE-2021-26084

CVE-2020-36849

  • Severity: 9.8 CRITICAL
  • Impacted Products: AIT CSV import/export plugin for WordPress, versions up to and including 3.0.3
  • Description: The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2020-36849
  • PoC:

CVE-2020-36847

CVE-2020-24363

  • Severity: 8.8 HIGH
  • Impacted Products: TP-Link TL-WA855RE V5 20200415-rel37464
  • Description: TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2020-24363
  • PoC:

CVE-2019-19781

CVE-2017-9798

CVE-2017-3066

  • Severity: 9.8 CRITICAL
  • Impacted Products: Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier
  • Description: Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.
  • Remediation:
  • More Info: NVD - CVE-2017-3066
  • PoC:

CVE-2016-15043

  • Severity: 9.8 CRITICAL
  • Impacted Products: WP Mobile Detector plugin for WordPress, versions up to, and including, 3.5
  • Description: The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in resize.php file in versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2016-15043
  • PoC:

CVE-2015-2079

  • Severity: 9.9 CRITICAL
  • Impacted Products: Usermin 0.980, Usermin 1.x before 1.660
  • Description: Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not three argument) form of Perl open.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2015-2079
  • PoC:

CVE-2014-6278

  • Severity: 8.8 HIGH
  • Impacted Products: GNU Bash
  • Description: GNU Bash is the GNU Project’s sh-compatible shell.

A vulnerability exists when handling environment variables in GNU Bash. The vulnerable component does not properly parse the values of environment variables.

CVE-2011-3607

CVE-2025-8110

  • Severity: Unknown
  • Impacted Products: Gogs
  • Description: Gogs is affected by an improper symbolic link handling vulnerability in its PutContents API, allowing authenticated users to achieve arbitrary code execution. This flaw acts as a bypass for a previously patched path traversal vulnerability.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-8110
  • PoC:

CVE-2025-6019

CVE-2025-6018

CVE-2025-54957

CVE-2025-49596

  • Severity: Unknown
  • Impacted Products: MCP Inspector < 0.14.1
  • Description: The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. Users should immediately upgrade to version 0.14.1 or later to address these vulnerabilities.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-49596
  • PoC:

CVE-2025-40778

CVE-2025-24514

CVE-2025-23419

CVE-2025-20393

  • Severity: 10.0 CRITICAL
  • Impacted Products: Cisco AsyncOS Software for Cisco Secure Email Gateway, Cisco Secure Email and Web Manager
  • Description: Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager contains an improper input validation vulnerability that allows remote attackers to execute arbitrary commands with root privileges on the underlying operating system. This flaw requires the Spam Quarantine feature to be enabled and reachable from the internet.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-20393
  • PoC:

CVE-2025-12101

CVE-2025-11001

CVE-2025-1098

CVE-2025-1097

CVE-2025-0108

CVE-2024-6473

  • Severity: 7.8 HIGH
  • Impacted Products: Yandex Browser for Desktop before 24.7.1.380
  • Description: Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-6473
  • PoC:

CVE-2024-49113

CVE-2024-44625

  • Severity: 8.8 HIGH
  • Impacted Products: Gogs <=0.13.0
  • Description: Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2024-44625
  • PoC:

CVE-2024-36401

CVE-2024-3393

CVE-2024-33452

CVE-2024-30043

CVE-2024-27564

CVE-2024-21887

CVE-2024-0132

CVE-2023-4863

CVE-2023-48022

CVE-2023-46805

CVE-2023-4357

CVE-2023-41892

CVE-2023-2533

  • Severity: 8.4 HIGH
  • Impacted Products: PaperCut NG, PaperCut MF
  • Description: A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code. This could be exploited if the target is an admin with a current login session. Exploiting this would typically involve the possibility of deceiving an admin into clicking a specially crafted malicious link, potentially leading to unauthorized changes.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2023-2533
  • PoC:

CVE-2022-43939

CVE-2022-43769

CVE-2021-43798

CVE-2021-39793

CVE-2021-35587

CVE-2019-6693

CVE-2019-11932

CVE-2006-5051

CVE-2025-45987

CVE-2025-45986

CVE-2025-45985

CVE-2025-44897

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44897
  • PoC:

CVE-2025-44887

  • Severity: 9.6 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44887
  • PoC:

CVE-2025-44886

  • Severity: 9.6 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44886
  • PoC:

CVE-2025-44885

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44885
  • PoC:

CVE-2025-44884

  • Severity: 9.8 CRITICAL
  • Impacted Products: FW-WGS-804HPT v1.305b241111
  • Description: FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-44884
  • PoC:

CVE-2025-29042

CVE-2025-2777

  • Severity: 9.3 CRITICAL
  • Impacted Products: SysAid On-Prem <= 23.3.40
  • Description: SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-2777
  • PoC:

CVE-2025-27651

  • Severity: 7.5 HIGH
  • Impacted Products: Vasion Print before Virtual Appliance Host 22.0.862, Application 20.0.2014, Elatec V-2023-014
  • Description: Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: Elatec V-2023-014.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-27651
  • PoC:

CVE-2025-27646

  • Severity: 8.1 HIGH
  • Impacted Products: Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913, Application 20.0.2253
  • Description: Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Edit User Account Exposure V-2024-001.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-27646
  • PoC:

CVE-2025-2620

  • Severity: 9.8 CRITICAL
  • Impacted Products: D-Link DAP-1620 1.03
  • Description: A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
  • Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
  • More Info: NVD - CVE-2025-2620
  • PoC:

CVE-2025-14706

CVE-2024-55557

References

This list was scraped from the quite amazing and highly recommended newsletters below:

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.