Skip to main content
CVE-2025-24813 CRITICAL POC KEV PATCH THREAT CERT-EU Act Now

A critical path equivalence vulnerability in Apache Tomcat's Default Servlet allows unauthenticated remote code execution through specially crafted PUT requests using internal dot notation in filenames. With EPSS of 94% and active exploitation in the wild, this represents one of the most dangerous Tomcat vulnerabilities in recent years, affecting versions 9.0.0-9.0.98, 10.1.0-10.1.34, and 11.0.0-11.0.2.

Apache RCE Information Disclosure Red Hat Suse
NVD GitHub HeroDevs Exploit-DB
CVSS 3.1
9.8
EPSS
94.2%
Threat
7.8
CVE-2025-25940 CRITICAL POC Act Now

VisiCut 2.1 allows remote code execution through insecure XML deserialization in the loadPlfFile method. An attacker who can supply a crafted PLF file can execute arbitrary Java code on the victim's machine. A public PoC exploit exists and no patch is available.

Java
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2025-25977 CRITICAL POC PATCH Act Now

canvg 4.0.2 is vulnerable to arbitrary code execution through prototype pollution in the StyleElement class constructor. An attacker can exploit this to execute code in environments that process SVG content with canvg. A PoC exists with no patch available.

RCE Code Injection Red Hat
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-1945 CRITICAL POC PATCH Act Now

PickleScan before 0.0.23 can be bypassed by flipping specific ZIP file header flag bits, allowing malicious pickle files to evade detection inside PyTorch model archives. An attacker can embed arbitrary code execution payloads that PickleScan misses but PyTorch's torch.load() still processes. A proof-of-concept exists and a patch is available in version 0.0.23.

Authentication Bypass Deserialization RCE Pytorch AI / ML
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-25614 HIGH POC This Week

Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal data of fellow teachers. [CVSS 8.8 HIGH]

Privilege Escalation
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-11638 HIGH POC This Week

The Gtbabel WordPress plugin before version 6.6.9 fails to validate that analyzed URLs belong to the legitimate website, allowing attackers to trick users into visiting malicious links that steal their login cookies. This affects any WordPress site running the vulnerable plugin version. An attacker could craft a specially designed URL that, when clicked by an admin or logged-in user, exposes their session cookies, potentially giving the attacker full account access.

WordPress
NVD WPScan
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-25907 HIGH POC This Week

tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/save. This vulnerability allows attackers to execute arbitrary operations via a crafted GET or POST request. [CVSS 8.8 HIGH]

CSRF RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-22603 HIGH POC PATCH This Week

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contains a server-side request forgery (SSRF) vulnerability inside component (or block) `Send Web Request`. [CVSS 8.1 HIGH]

SSRF
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2024-13918 HIGH POC PATCH This Week

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page. [CVSS 8.0 HIGH]

XSS
NVD GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2024-13919 HIGH POC PATCH This Week

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page. [CVSS 8.0 HIGH]

XSS
NVD GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-27910 HIGH POC This Week

tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/upd/status. This vulnerability allows attackers to execute arbitrary operations via a crafted GET or POST request. [CVSS 8.0 HIGH]

CSRF RCE
NVD GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-1944 MEDIUM POC PATCH This Month

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the mod...

Denial Of Service Authentication Bypass Pytorch AI / ML
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-2151 MEDIUM POC PATCH This Month

A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. [CVSS 6.3 MEDIUM]

Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.6%
CVE-2025-2152 MEDIUM POC PATCH This Month

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. [CVSS 6.3 MEDIUM]

Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2025-1497 CRITICAL PATCH Act Now

PlotAI is vulnerable to remote code execution because it executes LLM-generated Python code without validation. The vendor has acknowledged the flaw by commenting out the vulnerable line but does not plan to release a formal patch, leaving users who re-enable the feature at risk.

Python RCE
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2025-26936 CRITICAL Act Now

Fresh Framework for WordPress (through 1.70.0) contains a code injection vulnerability that allows unauthenticated attackers to execute arbitrary code with scope change, achieving maximum impact on confidentiality, integrity, and availability.

Code Injection RCE
NVD
CVSS 3.1
10.0
EPSS
0.2%
CVE-2024-57492 MEDIUM POC This Month

An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the round_up_to_page funciton. [CVSS 5.5 MEDIUM]

Denial Of Service
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-53307 MEDIUM POC This Month

A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. [CVSS 5.4 MEDIUM]

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-25908 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in tianti v2.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the coverImageURL parameter at /article/ajax/save. [CVSS 5.4 MEDIUM]

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-55199 MEDIUM POC This Month

A Stored Cross Site Scripting (XSS) vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser. [CVSS 5.4 MEDIUM]

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-2147 MEDIUM POC This Month

A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. It has been classified as problematic. [CVSS 5.3 MEDIUM]

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-25306 CRITICAL PATCH Act Now

Misskey, a federated social media platform, has an incomplete fix for CVE-2024-52591 that allows ActivityPub object forgery. An attacker can claim authority in the URL field even when the protocol requires authority in the ID field, enabling spoofing of federated content. Fixed in 2025.2.1.

RCE
NVD GitHub
CVSS 3.1
9.3
EPSS
0.1%
CVE-2025-26916 CRITICAL Act Now

The Massive Dynamic WordPress theme (through 8.2) by EPC is vulnerable to PHP Remote File Inclusion via an improperly controlled include/require statement. Although the attack complexity is high, successful exploitation allows unauthenticated remote code execution with scope change.

PHP LFI Information Disclosure
NVD
CVSS 3.1
9.0
EPSS
0.3%
CVE-2025-2153 MEDIUM POC PATCH This Month

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. [CVSS 5.0 MEDIUM]

Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.2%
CVE-2025-2136 HIGH PATCH This Week

Use after free in Inspector in Google Chrome versions up to 134.0.6998.88 is affected by use after free (CVSS 8.8).

Chrome Suse Google
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-2135 HIGH PATCH This Week

Type Confusion in V8 in Google Chrome versions up to 134.0.6998.88 is affected by access of resource using incompatible type (type confusion) (CVSS 8.8).

Chrome Suse Google
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-1920 HIGH PATCH This Week

Type Confusion in V8 in Google Chrome versions up to 134.0.6998.88 is affected by access of resource using incompatible type (type confusion) (CVSS 8.8).

Chrome Suse Google
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-2137 HIGH PATCH This Week

Out of bounds read in V8 in Google Chrome versions up to 134.0.6998.88 is affected by out-of-bounds read (CVSS 8.8).

Chrome Suse Google
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-41724 HIGH This Week

in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the SALTO server. This issue affects all versions of Gallagher Command Centre versions up to 9.20.1043. is affected by improper certificate validation (CVSS 8.7).

Authentication Bypass
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-27925 HIGH This Week

Nintex Automation 5.6 and 5.7 versions up to 5.8 is affected by deserialization of untrusted data (CVSS 8.5).

Deserialization
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-27616 HIGH PATCH This Week

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Prior to versions 0.25.3 and 0.26.3, by spoofing a webhook payload with a specific set of headers and body data, an attacker could transfer ownership of a repository and its repo level secrets to a separate repository. These secrets could be exfiltrated by follow up builds to the repository. Users with an enabled repository with access to repo level CI secrets in Vela are vulnerable to the e...

Linux RCE Suse
NVD GitHub
CVSS 3.1
8.5
EPSS
0.1%
CVE-2024-56191 HIGH This Week

In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]

Privilege Escalation Integer Overflow
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-27256 HIGH This Week

GE Vernova Enervista UR Setup application is affected by missing authentication for critical function (CVSS 8.3).

Authentication Bypass
NVD
CVSS 3.1
8.3
EPSS
0.1%
CVE-2025-27615 HIGH This Week

umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The user interface may possibly be publicly accessible with umatiGateway's provided docker-compose file. [CVSS 8.2 HIGH]

Docker
NVD GitHub
CVSS 3.1
8.2
EPSS
0.3%
CVE-2025-27254 HIGH This Week

CWE-282 "Improper Ownership Management" in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can be disabled by altering a Windows registry setting that any user can modify. [CVSS 8.0 HIGH]

Windows Authentication Bypass
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-27255 HIGH This Week

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code. [CVSS 8.0 HIGH]

Privilege Escalation
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2022-43454 HIGH This Week

A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. [CVSS 7.8 HIGH]

Linux Denial Of Service macOS iOS Apple
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-56192 HIGH This Week

In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]

Buffer Overflow Privilege Escalation
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27610 HIGH PATCH This Week

Rack provides an interface for developing web applications in Ruby. versions up to 2.2.13 contains a security vulnerability (CVSS 7.5).

Path Traversal Red Hat Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-26933 HIGH This Week

Local File Inclusion in WC Place Order Without Payment (WordPress plugin) versions up to 2.6.7 enables remote attackers to read arbitrary files from the web server through improper filename control in PHP include/require statements. While CVSS rates this 7.5 (High), EPSS exploitation probability is low (0.24%, 46th percentile), and no active exploitation is confirmed (not in CISA KEV). Patchstack vulnerability database confirms the flaw, but no public exploit code is identified at time of analysis. Real-world risk is moderate: exploitation requires high attack complexity and user interaction, limiting mass exploitation scenarios despite network accessibility.

PHP LFI Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-54546 HIGH This Week

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. [CVSS 7.5 HIGH]

Linux macOS Apple
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-44227 HIGH This Week

The issue was addressed with improved memory handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. [CVSS 7.5 HIGH]

Linux Denial Of Service Apple macOS iOS
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-25382 HIGH This Week

The Property Tax Payment Portal in Kerala's SANCHAYA system (version 3.0.4) has a flaw that lets attackers change payment amounts in fake requests, potentially paying less tax than owed. This affects anyone using this government portal to pay property taxes in Kerala, India. An attacker could exploit this to reduce their tax payments or cause financial loss to the government by manipulating transaction amounts.

Information Disclosure
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-27913 HIGH This Week

Passbolt API before 5, if the server is misconfigured (with an incorrect installation process and disregarding of Health Check results), can send email messages with a domain name taken from an attacker-controlled HTTP Host header. [CVSS 7.5 HIGH]

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-43107 HIGH This Week

Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm events) to be sent to the Plugin. [CVSS 7.2 HIGH]

Authentication Bypass
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-26910 HIGH This Week

Stored Cross-Site Scripting in WPBookit WordPress plugin through version 1.0.1 can be achieved via CSRF attack vector. Attackers trick authenticated administrators into executing malicious requests that inject persistent JavaScript into the booking management interface, potentially leading to session hijacking, privilege escalation, or further site compromise. EPSS score of 0.05% (14th percentile) indicates low probability of mass exploitation, though the CVSS:3.1 score of 7.1 reflects the Changed Scope and combined impact of both CSRF and XSS vulnerabilities affecting confidentiality, integrity, and availability.

XSS CSRF
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-26696 HIGH PATCH This Week

Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. This vulnerability affects Thunderbird < 136 and Thunderbird < 128.8. [CVSS 7.0 HIGH]

Mozilla Authentication Bypass
NVD VulDB
CVSS 3.1
7.0
EPSS
0.2%
CVE-2024-56187 MEDIUM This Month

In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. [CVSS 6.6 MEDIUM]

Information Disclosure
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-54467 MEDIUM PATCH This Month

A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. [CVSS 6.5 MEDIUM]

Apple Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-1296 MEDIUM PATCH This Month

Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19. [CVSS 6.5 MEDIUM]

Information Disclosure Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy