Skip to main content
CVE-2025-32382 LOW Monitor

Metabase is an open source Business Intelligence and Embedded Analytics tool. Rated low severity (CVSS 1.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
1.8
EPSS
0.4%
CVE-2025-3469 NONE Awaiting Data

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. Rated remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS
NVD
EPSS
0.4%
CVE-2025-32696 NONE Awaiting Data

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. Rated remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PHP
NVD
EPSS
0.3%
CVE-2025-32697 NONE Awaiting Data

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. Rated remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PHP
NVD
EPSS
0.3%
CVE-2025-0362 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions from 7.7 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.

Gitlab XSS
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-27813 HIGH This Month

MSI Center before 2.0.52.0 has Missing PE Signature Validation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required. No vendor patch available.

Jwt Attack Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.0%

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD
CVE-2025-2809 HIGH This Month

The azurecurve Shortcodes in Comments plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE WordPress Code Injection PHP
NVD
CVSS 3.1
7.3
EPSS
1.4%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy