Skip to main content
CVE-2025-24016 CRITICAL POC KEV PATCH THREAT Act Now

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI that allows remote code execution on Wazuh management servers.

Wazuh Python Deserialization RCE Suse
NVD
CVSS 3.1
9.9
EPSS
93.9%
Threat
7.8
CVE-2024-13011 CRITICAL Act Now

The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'upload_publisher_profile_image' function in versions up to, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress RCE File Upload
NVD
CVSS 3.1
9.8
EPSS
5.8%
CVE-2025-24032 CRITICAL PATCH This Week

PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Red Hat Suse
NVD GitHub
CVSS 4.0
9.2
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy