Skip to main content
CVE-2025-32026 LOW Monitor

Element Web is a Matrix web client built using the Matrix React SDK. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
3.8
EPSS
0.1%
CVE-2025-3416 LOW Monitor

A flaw was found in OpenSSL's handling of the properties argument in certain functions. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free Memory Corruption OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.5%
CVE-2024-50565 LOW Monitor

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortinet Fortiweb Fortivoice Fortiproxy +3
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-27192 LOW PATCH Monitor

Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Adobe Authentication Bypass Commerce Commerce B2b Magento
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2025-27443 LOW Monitor

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Meeting Software Development Kit Rooms Rooms Controller +2
NVD
CVSS 3.1
2.8
EPSS
0.1%
CVE-2025-22855 LOW Monitor

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send messages. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Fortinet Forticlientems
NVD
CVSS 3.1
2.7
EPSS
0.2%
CVE-2025-32035 LOW PATCH Monitor

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Dotnetnuke
NVD GitHub
CVSS 3.1
2.6
EPSS
0.1%
CVE-2024-32122 LOW Monitor

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fortinet
NVD
CVSS 3.1
2.3
EPSS
0.1%
CVE-2025-30166 LOW PATCH Monitor

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Rated low severity (CVSS 1.8), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Admin Classic Bundle
NVD GitHub
CVSS 4.0
1.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy