Skip to main content
CVE-2024-58248 LOW POC PATCH Monitor

nopCommerce through 4.90.1 does not offer locking for order placement. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Race Condition Nopcommerce
NVD GitHub
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-32789 LOW POC PATCH Monitor

EspoCRM is an Open Source Customer Relationship Management software. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Espocrm
NVD GitHub
CVSS 3.1
3.1
EPSS
0.2%
CVE-2024-58249 LOW Monitor

In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
3.7
EPSS
0.3%
CVE-2025-32787 LOW Monitor

SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Null Pointer Dereference Denial Of Service
NVD GitHub
CVSS 3.1
3.1
EPSS
0.2%
CVE-2025-24839 LOW PATCH Monitor

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to prevent Wrangler posts from triggering AI responses. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
3.1
EPSS
0.2%
CVE-2025-31363 LOW PATCH Monitor

Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict domains the LLM can request to contact upstream which allows an authenticated user to exfiltrate data from an. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.

Atlassian Code Injection Mattermost Server
NVD
CVSS 3.1
3.0
EPSS
0.2%
CVE-2025-27538 LOW PATCH Monitor

Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the requesting user differs from the target user ID, which allows users with. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
2.2
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy