178 CVEs tracked today. 29 Critical, 89 High, 51 Medium, 9 Low.
-
CVE-2025-47608
CRITICAL
CVSS 9.3
A remote code execution vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows SQL Injection (CVSS 9.3). Risk factors: EPSS 32% exploitation probability.
WordPress
SQLi
WooCommerce
PHP
-
CVE-2025-49652
CRITICAL
CVSS 9.8
Critical authentication bypass vulnerability in Lablup's BackendAI registration feature that allows unauthenticated attackers to create arbitrary user accounts and access private data, even when registration is administratively disabled. With a CVSS score of 9.8 and network-based attack vector requiring no privileges or user interaction, this vulnerability poses an immediate and severe risk to all BackendAI deployments. The vulnerability enables account creation without proper authentication controls (CWE-306), potentially allowing attackers to gain unauthorized access to sensitive computational resources and data.
Authentication Bypass
-
CVE-2025-49297
CRITICAL
CVSS 9.8
Path traversal vulnerability in Mikado-Themes Grill and Chow WordPress themes (versions through 1.6) that enables PHP Local File Inclusion (LFI) attacks. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary files on the affected server, potentially exposing sensitive configuration files, database credentials, and other confidential data. The high CVSS score of 8.1 reflects significant impact on confidentiality and integrity, though exploitation requires higher attack complexity.
PHP
Path Traversal
-
CVE-2025-49296
CRITICAL
CVSS 9.8
A Path Traversal vulnerability in Mikado-Themes GrandPrix WordPress theme (versions through 1.6) allows unauthenticated remote attackers to perform PHP Local File Inclusion (LFI) attacks, potentially leading to arbitrary file reading, information disclosure, and remote code execution. The vulnerability has a CVSS score of 8.1 (High) with high impact on confidentiality, integrity, and availability; exploitation requires medium attack complexity but no user interaction or privileges. KEV status and active exploitation data were not provided, but the high CVSS and LFI nature suggest significant real-world risk if a PoC is publicly available.
PHP
Path Traversal
-
CVE-2025-49295
CRITICAL
CVSS 9.8
A Path Traversal vulnerability in Mikado-Themes MediClinic through version 2.1 enables unauthenticated remote attackers to conduct PHP Local File Inclusion (LFI) attacks, potentially allowing arbitrary file reading and code execution. The CVSS 8.1 score reflects high impact across confidentiality, integrity, and availability, though attack complexity is listed as HIGH. No public confirmation of active KEV exploitation or PoC availability is documented in standard feeds, but the high CVSS and LFI vector suggest this should be treated as a credible priority vulnerability.
PHP
Path Traversal
-
CVE-2025-49136
CRITICAL
CVSS 9.0
A security vulnerability in version 4.0.0 and (CVSS 9.0) that allows capturing of env variables. Risk factors: EPSS 41% exploitation probability, public PoC available. Vendor patch is available.
Information Disclosure
Privilege Escalation
Listmonk
SUSE
-
CVE-2025-49013
CRITICAL
CVSS 9.9
A security vulnerability in WilderForge (CVSS 9.9). Critical severity with potential for significant impact on affected systems.
RCE
Code Injection
GitHub
-
CVE-2025-48877
CRITICAL
CVSS 9.8
Discourse versions prior to 3.4.4 (stable), 3.5.0.beta5 (beta), and 3.5.0.beta6-dev (tests-passed) contain a critical vulnerability where Codepen is included in the default `allowed_iframes` site setting and can auto-execute arbitrary JavaScript within the iframe scope, enabling unauthenticated remote code execution. With a CVSS score of 9.8 and network-accessible attack vector requiring no privileges or user interaction, this vulnerability poses severe risk to all default Discourse installations and should be prioritized for immediate patching.
RCE
Discourse
-
CVE-2025-48281
CRITICAL
CVSS 9.3
Blind SQL injection vulnerability in mystyleplatform's MyStyle Custom Product Designer that allows unauthenticated remote attackers to extract sensitive data through time-based or error-based SQL injection techniques. All versions up to and including 3.21.1 are affected. The high CVSS score of 9.3 reflects the critical nature of unauthenticated network-accessible SQL injection with high confidentiality impact, though integrity is not directly compromised and availability impact is limited.
SQLi
-
CVE-2025-48141
CRITICAL
CVSS 9.3
Critical SQL injection vulnerability in Alex Zaytseff's Multi CryptoCurrency Payments plugin (versions up to 2.0.3) that allows unauthenticated remote attackers to execute arbitrary SQL commands. The vulnerability has a CVSS score of 9.3 with network-based attack vector and no privileges required, enabling attackers to extract sensitive data including cryptocurrency transaction records, user credentials, and payment information. The high CVSS combined with an unauthenticated, low-complexity attack vector suggests this is a high-priority vulnerability with significant real-world exploitation risk.
SQLi
Information Disclosure
-
CVE-2025-48140
CRITICAL
CVSS 9.9
Critical Code Injection vulnerability (CWE-94) in MetalpriceAPI versions through 1.1.4 that allows authenticated attackers to inject and execute arbitrary code with network access and low complexity. The vulnerability has a maximum severity CVSS score of 9.9 with complete impact across confidentiality, integrity, and availability. This is a high-priority vulnerability affecting any deployment of MetalpriceAPI up to version 1.1.4, with no publicly confirmed workarounds available at this time.
Code Injection
-
CVE-2025-48129
CRITICAL
CVSS 9.8
CVE-2025-48129 is an Incorrect Privilege Assignment vulnerability (CWE-266) in Holest Engineering's Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light plugin that allows unauthenticated remote attackers to escalate privileges and gain complete control over affected WordPress installations. The vulnerability affects versions up to and including 2.4.37, with a critical CVSS 9.8 score indicating network-exploitable, low-complexity privilege escalation requiring no authentication or user interaction. Active exploitation status and proof-of-concept availability would significantly elevate real-world risk given the plugin's direct access to WooCommerce/WP E-commerce price modification functionality.
WordPress
Privilege Escalation
WooCommerce
PHP
-
CVE-2025-48126
CRITICAL
CVSS 9.8
PHP Local File Inclusion (LFI) vulnerability in g5theme Essential Real Estate plugin versions through 5.2.1, allowing unauthenticated remote attackers to include and execute arbitrary local files on the affected server. The vulnerability stems from improper control of filename parameters in PHP include/require statements (CWE-98), enabling potential information disclosure, code execution, and system compromise. While the CVSS score of 8.1 indicates high severity with high confidentiality and integrity impact, real-world exploitation depends on server configuration, file system permissions, and available local files for inclusion.
PHP
Information Disclosure
LFI
-
CVE-2025-48123
CRITICAL
CVSS 10.0
A remote code execution vulnerability (CVSS 10.0). Critical severity with potential for significant impact on affected systems.
WordPress
Code Injection
PHP
-
CVE-2025-48122
CRITICAL
CVSS 9.3
A critical SQL injection vulnerability (CVE-2025-48122) exists in Holest Engineering's Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light plugin affecting versions through 2.4.37. An unauthenticated remote attacker can execute arbitrary SQL commands to extract sensitive database information including customer data and product details. The high CVSS score of 9.3 combined with network accessibility and no authentication requirement makes this a severe priority, particularly if the vulnerability is actively exploited or proof-of-concept code is publicly available.
WordPress
SQLi
PHP
-
CVE-2025-32291
CRITICAL
CVSS 10.0
Critical unrestricted file upload vulnerability in FantasticPlugins SUMO Affiliates Pro (versions through 10.7.0) that allows unauthenticated attackers to upload malicious files with dangerous types, leading to complete system compromise. This CWE-434 vulnerability has a perfect CVSS 3.1 score of 10.0 due to network accessibility without authentication or user interaction, and affects all confidentiality, integrity, and availability properties. The vulnerability represents an immediate, easily exploitable threat to any WordPress installation running the affected plugin versions.
File Upload
-
CVE-2025-31429
CRITICAL
CVSS 9.8
A deserialization vulnerability (CVSS 9.8). Critical severity with potential for significant impact on affected systems.
Deserialization
-
CVE-2025-31424
CRITICAL
CVSS 9.3
Blind SQL Injection vulnerability in the WP Lead Capturing Pages WordPress plugin (versions through 2.3) that allows unauthenticated remote attackers to extract sensitive data from the database without leaving obvious traces. The vulnerability has a critical CVSS score of 9.3 due to its network-accessible attack vector, low complexity, and requirement for no privileges or user interaction. While specific KEV or active exploitation status is not confirmed in available intelligence, the high CVSS, blind SQL injection nature, and broad applicability across WordPress installations make this a priority for remediation.
SQLi
WordPress
PHP
-
CVE-2025-31398
CRITICAL
CVSS 9.8
Critical deserialization of untrusted data vulnerability in themeton PIMP (Creative MultiPurpose) plugin affecting versions through 1.7, allowing unauthenticated remote attackers to inject arbitrary objects and achieve complete system compromise (confidentiality, integrity, and availability impact). The CVSS 9.8 score reflects the network-accessible, authentication-free attack vector with high impact across all three security dimensions. Exploitation requires no user interaction and can be performed by any unauthenticated network attacker, making this a severe priority if the KEV catalog confirms active exploitation or POC availability.
Deserialization
Code Injection
-
CVE-2025-31396
CRITICAL
CVSS 9.8
Critical deserialization vulnerability in themeton FLAP - Business WordPress Theme (versions up to 1.5) that allows unauthenticated remote attackers to achieve arbitrary object injection without user interaction. The vulnerability has a near-perfect CVSS score of 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating complete compromise of confidentiality, integrity, and availability is possible. Given the network-accessible attack vector and low complexity, this represents a critical risk to all WordPress installations using vulnerable theme versions.
Deserialization
WordPress
PHP
Code Injection
-
CVE-2025-31059
CRITICAL
CVSS 9.3
A critical SQL injection vulnerability (CVE-2025-31059) exists in woobewoo WBW Product Table PRO plugin versions up to 2.1.3, allowing unauthenticated remote attackers to execute arbitrary SQL queries and extract sensitive database information. The CVSS 9.3 score reflects the severe impact on confidentiality with network-based attack vectors requiring no user interaction, though integrity is not compromised. The vulnerability's active exploitation status and high EPSS score indicate this is a genuine, prioritized threat requiring immediate patching.
SQLi
-
CVE-2025-31052
CRITICAL
CVSS 9.8
Critical deserialization of untrusted data vulnerability in themeton's 'The Fashion - Model Agency One Page Beauty Theme' WordPress theme (versions up to 1.4.4) that enables object injection attacks. An unauthenticated, remote attacker can exploit this with no user interaction required to achieve complete system compromise including confidentiality, integrity, and availability breaches. The CVSS 9.8 score reflects the critical nature (network-accessible, low complexity, no privileges needed, high impact across all security properties), though real-world exploitation likelihood depends on whether public POCs exist and if the vulnerability is actively being weaponized in the wild.
Deserialization
PHP
WordPress
-
CVE-2025-31039
CRITICAL
CVSS 9.1
CVE-2025-31039 is an XML External Entity (XXE) injection vulnerability in the Pixelgrade Category Icon WordPress plugin (versions through 1.0.2) that allows authenticated attackers with high privileges to read arbitrary files, execute remote code, or cause denial of service through improper XML entity validation. The vulnerability has a critical CVSS score of 9.1 but requires administrator-level privileges to exploit; active exploitation status and proof-of-concept availability are not confirmed from the provided intelligence.
XXE
-
CVE-2025-31022
CRITICAL
CVSS 9.8
CVE-2025-31022 is an authentication bypass vulnerability in PayU India's payment processing platform (versions before 3.8.8) that allows attackers to bypass authentication mechanisms via an alternate path or channel, granting unauthorized access to sensitive payment and customer data. With a critical CVSS score of 9.8 and network-based attack vector requiring no privileges or user interaction, this vulnerability poses an immediate and severe threat to all PayU India users and their customers' payment information. Active exploitation status and public disclosure details should be verified through CISA KEV database and PayU's official security advisories.
Authentication Bypass
-
CVE-2025-30515
CRITICAL
CVSS 9.8
Critical arbitrary file upload vulnerability in CyberData 011209 Intercom systems that allows authenticated attackers to upload malicious files to multiple locations within the system without user interaction. With a CVSS 9.8 score and network-accessible attack surface requiring only valid authentication credentials, this vulnerability poses severe risk to organizations deploying these intercom systems. The vulnerability enables complete system compromise through arbitrary file placement, potentially allowing remote code execution, system manipulation, and data theft.
Information Disclosure
011209 SIP Emergency Intercom Firmware
-
CVE-2025-30184
CRITICAL
CVSS 9.8
CyberData 011209 Intercom devices contain an authentication bypass vulnerability in the web interface accessible via an alternate path, allowing unauthenticated attackers complete unauthorized access (confidentiality, integrity, availability compromise). This CVSS 9.8 critical vulnerability affects CyberData intercom systems and poses immediate risk to organizations relying on these devices for communication and physical security integration. No specific KEV or active exploitation data provided, but the unauthenticated network-accessible nature with no mitigation requirements makes this highly likely to be targeted.
Information Disclosure
011209 SIP Emergency Intercom Firmware
-
CVE-2025-24767
CRITICAL
CVSS 9.3
Blind SQL Injection vulnerability in the TicketBAI Facturas para WooCommerce plugin (versions up to 3.19) that allows unauthenticated remote attackers to execute arbitrary SQL queries. The vulnerability has a critical CVSS score of 9.3 with network-based attack vector requiring no privileges or user interaction, potentially enabling data exfiltration from WordPress database instances. Active exploitation status and proof-of-concept availability should be verified through KEV databases and security research channels.
WordPress
SQLi
WooCommerce
PHP
-
CVE-2025-5893
CRITICAL
CVSS 9.8
Critical authentication bypass vulnerability in Honding Technology's Smart Parking Management System that allows unauthenticated remote attackers to directly access an administrative credentials page and retrieve plaintext administrator passwords without authentication. With a CVSS score of 9.8 and network-accessible attack vector, this vulnerability poses an immediate and severe risk to all deployed instances, potentially enabling complete system compromise and unauthorized access to parking infrastructure management.
Information Disclosure
-
CVE-2025-3835
CRITICAL
CVSS 9.6
Critical remote code execution vulnerability in Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior, exploitable through the Content Search module without authentication. An attacker can achieve arbitrary code execution with high confidentiality, integrity, and availability impact across the system boundary (CVSS 9.6). This vulnerability requires user interaction (UI=R) and involves improper file upload handling (CWE-434); active exploitation status and POC availability require verification through CISA KEV and public disclosures.
Zoho
Exchange
RCE
ManageEngine Exchange Reporter Plus
-
CVE-2025-49653
HIGH
CVSS 8.0
Sensitive data exposure vulnerability in Lablup's BackendAI that allows authenticated attackers with high privileges to retrieve user credentials from active sessions on the management platform. The vulnerability affects the session management mechanism and has a CVSS score of 8.0 with a complex attack vector requiring high privilege access, indicating a serious but not trivially exploitable issue in production environments.
Information Disclosure
-
CVE-2025-49651
HIGH
CVSS 8.1
A security vulnerability in the session. This vulnerability exists in all current (CVSS 8.1) that allows attackers. High severity vulnerability requiring prompt remediation.
Information Disclosure
-
CVE-2025-49282
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in Unfoldwp Magze versions up to 1.0.9 that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. This is a network-accessible vulnerability with high attack complexity but complete impact on confidentiality, integrity, and availability (CVSS 8.1). The vulnerability likely affects WordPress plugin deployments where Magze is installed, and successful exploitation could lead to remote code execution through log poisoning or other LFI-to-RCE chains.
PHP
Information Disclosure
-
CVE-2025-49281
HIGH
CVSS 8.1
A security vulnerability in Unfoldwp Magways allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.
PHP
Information Disclosure
-
CVE-2025-49280
HIGH
CVSS 8.1
A security vulnerability in Unfoldwp Magty allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.
PHP
Information Disclosure
-
CVE-2025-49279
HIGH
CVSS 8.1
A security vulnerability in Unfoldwp Blogvy allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.
PHP
Information Disclosure
-
CVE-2025-49278
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in Unfoldwp Blogty plugin versions up to 1.0.11 that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. The vulnerability has a CVSS score of 8.1 (High), indicating potential for confidentiality, integrity, and availability compromise. Active exploitation status and EPSS probability are critical factors in determining real-world risk severity.
PHP
Information Disclosure
-
CVE-2025-49277
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in Unfoldwp Blogprise WordPress plugin versions through 1.0.9, stemming from improper control of filename parameters in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this vulnerability over the network to read arbitrary files from the server filesystem, potentially leading to information disclosure, code execution, or further compromise. The CVSS 8.1 score reflects high severity with network accessibility and significant confidentiality/integrity/availability impact, though attack complexity is rated as high suggesting specific conditions must be met for exploitation.
PHP
Information Disclosure
-
CVE-2025-49276
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in Unfoldwp Blogmine versions up to 1.1.7 that allows unauthenticated remote attackers to include and execute arbitrary files on the server. The vulnerability stems from improper input validation on filename parameters used in PHP include/require statements (CWE-98). While the CVSS score of 8.1 reflects high impact potential across confidentiality, integrity, and availability, the AC:H (Attack Complexity: High) suggests exploitation requires specific conditions; KEV status, EPSS probability, and public POC availability are critical factors for determining actual prioritization.
PHP
LFI
RCE
-
CVE-2025-49275
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in Unfoldwp Blogbyte versions through 1.1.1, stemming from improper control of filenames in PHP include/require statements. An unauthenticated remote attacker can exploit this vulnerability with high complexity to achieve arbitrary code execution, information disclosure, or service disruption. While the CVSS score of 8.1 reflects severe potential impact, the High attack complexity (AC:H) suggests exploitation requires specific conditions or timing, and KEV/active exploitation status and POC availability remain unconfirmed from available intelligence.
PHP
Information Disclosure
-
CVE-2025-49265
HIGH
CVSS 7.5
Missing Authorization (CWE-862) vulnerability in WP Swings Membership For WooCommerce that allows unauthenticated attackers to access functionality not properly constrained by Access Control Lists (ACLs). The vulnerability affects versions up to and including 2.8.1 of this WordPress/WooCommerce plugin, enabling unauthorized users to bypass membership restrictions and potentially access premium features or sensitive membership data without valid credentials. With a CVSS score of 7.5 and a network-accessible attack vector requiring no privileges or user interaction, this represents a significant exposure risk for e-commerce sites relying on this plugin for membership management.
WordPress
WooCommerce
PHP
Privilege Escalation
-
CVE-2025-49141
HIGH
CVSS 8.5
HAX CMS PHP versions prior to 11.0.3 contain an OS command injection vulnerability in the `gitImportSite` functionality where insufficient input validation on user-supplied URL parameters allows authenticated attackers to bypass `filter_var` and `strpos` checks and execute arbitrary OS commands via the `set_remote` function's `proc_open` call. An authenticated attacker can leverage this to execute arbitrary commands and exfiltrate output, representing a critical post-authentication code execution risk with high real-world impact due to full OS command execution capability.
PHP
Command Injection
Haxcms Nodejs
Haxcms Php
-
CVE-2025-49140
HIGH
CVSS 7.5
Pion Interceptor versions v0.1.36 through v0.1.38 contain a denial-of-service vulnerability in the RTP packet factory that allows unauthenticated remote attackers to trigger application panics via crafted RTP packets with malformed padding fields. This affects all applications using the Pion interceptor library for RTP/RTCP communication, with no authentication required and low attack complexity. The vulnerability has a CVSS score of 7.5 (High) with availability impact only; no evidence of active exploitation or public POC availability is documented.
Denial Of Service
Golang
SUSE
-
CVE-2025-49137
HIGH
CVSS 8.5
HAX CMS PHP versions prior to 11.0.0 contain a stored cross-site scripting (XSS) vulnerability in the `saveNode` and `saveManifest` endpoints that fails to properly sanitize user input before storing it in the site's JSON schema. An authenticated attacker with low privileges can inject arbitrary JavaScript code through HTML tags (excluding direct `<script>` tags) that will execute in the context of generated HAX sites, potentially compromising site integrity and user data. The vulnerability has a high CVSS score of 8.5 due to network accessibility, low attack complexity, and cross-site impact, though real-world exploitation requires authenticated access and user interaction with the generated content.
PHP
XSS
Haxcms Php
Haxcms Nodejs
-
CVE-2025-49006
HIGH
CVSS 8.2
Wasp framework versions prior to 0.16.6 contain a critical OAuth/OpenID Connect implementation flaw where user IDs are improperly lowercased before storage and authentication, violating specification requirements. This affects only Keycloak deployments configured with case-sensitive user IDs, enabling attackers to impersonate users, trigger account collisions, and escalate privileges. While the CVSS score of 8.2 reflects high integrity impact, real-world risk is constrained to Keycloak with specific non-default configuration, and no public exploit or KEV designation has been reported.
Node.js
Privilege Escalation
Google
-
CVE-2025-49004
HIGH
CVSS 7.5
DNS rebinding vulnerability in Caido (web security auditing toolkit) versions prior to 0.48.0 that allows attackers to hijack the authentication flow and achieve remote code execution. An attacker can load Caido on an attacker-controlled domain through DNS rebinding attacks, either during initial setup or by re-initiating the authentication flow on an already-configured instance. The vulnerability requires user interaction (UI:R) but poses high impact (C:H, I:H, A:H) with a CVSS score of 7.5, and the patch is available in version 0.48.0.
RCE
-
CVE-2025-48279
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in the WC MyParcel Belgium WordPress plugin (versions 4.5.5 through beta) that allows unauthenticated attackers to inject arbitrary JavaScript into web pages viewed by users. An attacker can craft a malicious URL to execute scripts in a victim's browser within the context of the affected website, potentially stealing session cookies, performing unauthorized actions, or redirecting users to phishing sites. The CVSS 7.1 score reflects moderate severity with network-based attack vector, no privilege requirements, and user interaction dependency; active exploitation status and POC availability are currently unknown from public sources.
XSS
WooCommerce
PHP
-
CVE-2025-48267
HIGH
CVSS 8.6
Path traversal vulnerability in ThimPress WP Pipes that allows unauthenticated remote attackers to access files outside restricted directories, potentially causing denial of service or information disclosure. Versions through 1.4.2 are affected. The vulnerability has a high CVSS score of 8.6 due to network accessibility and no authentication requirements, though the impact is limited to availability rather than confidentiality or integrity.
Path Traversal
WP Pipes
-
CVE-2025-48261
HIGH
CVSS 7.5
CVE-2025-48261 is an information disclosure vulnerability in MultiVendorX that allows unauthenticated remote attackers to retrieve sensitive data embedded within sent data through a network-accessible interface. The vulnerability affects MultiVendorX versions up to and including 4.2.22, with a CVSS score of 7.5 indicating high confidentiality impact. While no active KEV or public POC details were provided in the available intelligence, the network-accessible attack vector (AV:N) and lack of privilege requirements (PR:N) make this a material risk for exposed instances.
Information Disclosure
-
CVE-2025-48143
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in the SalesUp! Contact Form plugin (versions up to 1.0.14) that allows unauthenticated attackers to inject malicious scripts into web pages viewed by other users. The vulnerability requires user interaction (clicking a malicious link) but can compromise confidentiality, integrity, and availability across security boundaries (CVSS 7.1). There is no indication of active exploitation in the wild or confirmed proof-of-concept at this time based on available intelligence.
XSS
-
CVE-2025-48130
HIGH
CVSS 7.5
Path traversal vulnerability in Spice Blocks (a WordPress plugin by spicethemes) affecting versions through 2.0.7.2 that allows unauthenticated remote attackers to read arbitrary files from the affected server. The vulnerability has a CVSS score of 7.5 (High) with network-based attack vector, no authentication required, and high confidentiality impact, making it a significant information disclosure risk for WordPress installations using this plugin.
Path Traversal
-
CVE-2025-48125
HIGH
CVSS 8.1
Local File Inclusion (LFI) vulnerability in WP Event Manager WordPress plugin versions through 3.1.49 that allows unauthenticated remote attackers to include and execute arbitrary PHP files from the server filesystem. This CWE-98 vulnerability has a CVSS score of 8.1 (High severity) with high impact on confidentiality, integrity, and availability. While the vulnerability requires specific conditions (AC:H), its network accessibility and lack of authentication requirements make it a significant risk for affected WordPress installations.
PHP
LFI
WordPress
-
CVE-2025-48124
HIGH
CVSS 7.5
A path traversal vulnerability (CWE-22) in Holest Engineering's Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light plugin allows unauthenticated remote attackers to read arbitrary files from the server by manipulating file path parameters. The vulnerability affects all versions through 2.4.37 and has a CVSS score of 7.5, indicating high confidentiality impact with no authentication required. Real-world exploitability depends on confirmation of active exploitation status and proof-of-concept availability; the low attack complexity and network accessibility suggest this is a genuine, easily-exploitable threat to affected WordPress installations.
WordPress
Path Traversal
PHP
-
CVE-2025-48062
HIGH
CVSS 7.1
A remote code execution vulnerability in Discourse (CVSS 7.1). High severity vulnerability requiring prompt remediation.
Code Injection
Discourse
-
CVE-2025-48053
HIGH
CVSS 7.5
Denial-of-service vulnerability in Discourse that allows unauthenticated remote attackers to reduce the availability of a Discourse instance by sending malicious URLs in private messages to bot users. The vulnerability affects Discourse versions prior to 3.4.4 (stable), 3.5.0.beta5 (beta), and 3.5.0.beta6-dev (tests-passed), with a CVSS 7.5 rating indicating high severity. No known public exploits or workarounds are currently available, but patches have been released.
Information Disclosure
Discourse
-
CVE-2025-47651
HIGH
CVSS 8.5
A SQL injection vulnerability in Infility Global (CWE-89) allows authenticated attackers to execute arbitrary SQL queries with network access, potentially leading to unauthorized data disclosure and limited availability impact. The vulnerability affects Infility Global versions up to and including 2.12.4, and the CVSS 8.5 score reflects high confidentiality impact; however, without confirmation of active exploitation (KEV status) or public POC availability, real-world risk depends on deployment prevalence and attacker motivation.
SQLi
-
CVE-2025-47561
HIGH
CVSS 8.8
CVE-2025-47561 is an Incorrect Privilege Assignment vulnerability in PT Norther Lights Production MapSVG that allows authenticated users to escalate their privileges within the application. Affected versions are MapSVG prior to 8.6.13. An attacker with low-privilege login credentials can exploit this flaw to gain high-impact unauthorized access to sensitive data, modify critical information, and potentially disrupt service availability.
Privilege Escalation
-
CVE-2025-47527
HIGH
CVSS 7.1
Missing Authorization vulnerability (CWE-862) in the Icegram Collect WordPress plugin versions up to 1.3.18 that allows authenticated attackers with low privileges to exploit misconfigured access controls. An attacker with a valid WordPress user account can modify or delete form data and potentially cause service disruption by leveraging inadequate authorization checks on sensitive operations, with no confidentiality impact but significant integrity and availability risks.
WordPress
PHP
Privilege Escalation
-
CVE-2025-47487
HIGH
CVSS 7.1
A cross-site scripting vulnerability in moreconvert MC Woocommerce Wishlist allows Reflected XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
WordPress
XSS
PHP
-
CVE-2025-47477
HIGH
CVSS 7.1
A cross-site scripting vulnerability in revmakx Backup and Staging by WP Time Capsule allows Reflected XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
XSS
WordPress
PHP
-
CVE-2025-47463
HIGH
CVSS 7.1
Missing Authorization vulnerability in Fahad Mahmood's Stock Locations for WooCommerce plugin (versions up to 2.8.6) that allows authenticated users with low privileges to perform unauthorized actions including information disclosure and availability disruption. An attacker with basic user credentials can bypass access controls to modify stock locations or trigger denial-of-service conditions due to improper privilege verification. This vulnerability has a CVSS score of 7.1 (High) and affects WooCommerce installations using the vulnerable plugin; KEV status and active exploitation data are not currently confirmed in public advisories.
WordPress
Authentication Bypass
Woocommerce
PHP
-
CVE-2025-45001
HIGH
CVSS 7.5
react-native-keys version 0.7.11 contains a sensitive information disclosure vulnerability where encryption ciphers and Base64-encoded secrets are stored as plaintext in compiled native binaries, allowing attackers with network access to extract these credentials via static analysis of the binary. This affects all applications using the vulnerable library version, and the high CVSS score of 7.5 reflects the ease of exploitation (no authentication required) and significant confidentiality impact, though the practical risk depends on whether secrets are actually embedded at build time and the sensitivity of exposed data.
Information Disclosure
React
React Native Keys
-
CVE-2025-41444
HIGH
CVSS 8.3
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior contain an authenticated SQL injection vulnerability in the alerts module (CWE-89) that allows authenticated users to execute arbitrary SQL commands. An attacker with valid credentials can exploit this network-accessible vulnerability to read sensitive data, modify database contents, or degrade system availability. The CVSS 8.3 score reflects high confidentiality and integrity impact, though authentication is required; real-world exploitation probability and active weaponization status cannot be confirmed without KEV/EPSS data access.
SQLi
Zoho
Authentication Bypass
Manageengine Adaudit Plus
-
CVE-2025-40670
HIGH
CVSS 8.8
CVE-2025-40670 is an incorrect authorization vulnerability in TCMAN's GIM (Gestion Integrada de Mantenimiento) v11 that allows an authenticated but unprivileged attacker to escalate privileges by creating new users with elevated permissions through an insecure API endpoint. An attacker with valid (low-privilege) credentials can POST to /PC/frmGestionUser.aspx/updateUser to arbitrarily assign administrative or other high-privilege roles to newly created accounts, resulting in complete system compromise. This vulnerability represents a critical privilege escalation risk in maintenance management systems, potentially affecting industrial and critical infrastructure environments that rely on TCMAN for asset management.
Authentication Bypass
Privilege Escalation
Gim
-
CVE-2025-39539
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in quitenicestuff Soho Hotel versions through 4.2.5 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by other users. With a CVSS score of 7.1 and network accessibility requiring only user interaction, this vulnerability enables attackers to steal session cookies, perform actions on behalf of victims, or redirect users to malicious sites. The vulnerability affects the hotel management software's input validation during web page generation, creating a reflected XSS attack vector that exploits insufficient output encoding.
XSS
-
CVE-2025-39476
HIGH
CVSS 7.5
PHP Local File Inclusion (LFI) vulnerability in magentech Revo versions up to 4.0.26 that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. An attacker can exploit this to read sensitive files, execute code, or compromise the affected system; the vulnerability requires user interaction (UI:R) but carries high impact across confidentiality, integrity, and availability. While no public exploit code or KEV status is currently confirmed in available intelligence, the combination of network accessibility, high CVSS score (7.5), and file inclusion primitives makes this a notable risk for unpatched Revo installations.
PHP
Information Disclosure
-
CVE-2025-39475
HIGH
CVSS 8.1
Path Traversal vulnerability enabling PHP Local File Inclusion (LFI) in Frenify Arlo through version 6.0.3. The vulnerability allows unauthenticated remote attackers to read arbitrary files from the server filesystem by manipulating path parameters, potentially exposing sensitive configuration files, source code, and credentials. With a CVSS score of 8.1 and network-accessible attack vector, this vulnerability poses significant risk to confidentiality and integrity; exploitation likelihood and active weaponization status cannot be confirmed from available data, but the straightforward nature of path traversal attacks suggests moderate-to-high real-world exploitation probability.
PHP
Path Traversal
-
CVE-2025-39473
HIGH
CVSS 8.1
Path traversal vulnerability in WebGeniusLab Seofy Core (versions up to 1.4.5) that allows unauthenticated remote attackers to achieve PHP Local File Inclusion (LFI), with high attack complexity. The vulnerability enables attackers to read arbitrary files and potentially execute code on affected systems. No public indicators confirm active exploitation or KEV listing at this time, but the high CVSS score (8.1) and remote attack vector indicate significant risk requiring urgent patching.
PHP
Path Traversal
-
CVE-2025-36528
HIGH
CVSS 8.3
CVE-2025-36528 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus versions 8510 and earlier, affecting the Service Account Auditing reports functionality. An authenticated attacker with low privileges can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data disclosure, data modification, or partial denial of service. With a CVSS score of 8.3 and network-accessible attack vector, this represents a significant risk to organizations using affected versions, particularly in environments where administrative audit logs contain sensitive credentials and access patterns.
SQLi
Zoho
Information Disclosure
Manageengine Adaudit Plus
-
CVE-2025-32595
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in Gavias Krowd versions up to 1.4.1 that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability stems from improper control of filename parameters in PHP include/require statements (CWE-98), enabling attackers to read sensitive files or execute malicious code; attack complexity is high, but so is the impact on confidentiality, integrity, and availability. No public exploit code or active exploitation reports are currently available in standard vulnerability databases, but the high CVSS score (8.1) and network-accessible attack vector indicate significant risk for unpatched installations.
PHP
Lfi
RCE
-
CVE-2025-32308
HIGH
CVSS 7.6
Missing Authorization vulnerability (CWE-862) in looks_awesome Team Builder versions up to 1.5.7 that allows authenticated attackers to exploit misconfigured access control security levels to gain unauthorized access to sensitive functionality. An attacker with valid credentials can bypass intended authorization checks to read, modify, or delete data they should not have access to. The CVSS 7.6 score reflects the combination of low attack complexity, authenticated access requirement, and moderate-to-high impact on confidentiality and integrity.
Information Disclosure
-
CVE-2025-32305
HIGH
CVSS 7.1
A cross-site scripting vulnerability in Sneeit FlatNews allows Reflected XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
XSS
-
CVE-2025-31925
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup SHOUT versions up to 3.5.3 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by victims. An attacker can craft a malicious URL containing JavaScript payloads that execute in the context of the victim's browser session, potentially stealing session tokens, credentials, or performing actions on behalf of the user. The vulnerability has a CVSS score of 7.1 (High), requires user interaction (clicking a malicious link), and affects network-accessible instances of SHOUT without authentication requirements.
XSS
-
CVE-2025-31920
HIGH
CVSS 8.5
SQL Injection vulnerability in AmentoTech WP Guppy plugin versions through 4.3.3 that allows authenticated attackers to execute arbitrary SQL commands due to improper neutralization of special elements in SQL queries. With a CVSS score of 8.5 and network-based attack vector requiring only low privileges, an attacker with user-level access can exfiltrate sensitive data from the WordPress database and cause service disruption. The vulnerability's high severity is tempered by the requirement for authenticated access (PR:L), though the scope change (S:C) indicates potential lateral impact across other applications sharing the database.
SQLi
-
CVE-2025-31917
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup Universal Video Player versions up to 3.8.3 that allows unauthenticated attackers to inject arbitrary JavaScript code into web pages viewed by victims. The vulnerability has a CVSS score of 7.1 (High) and affects the popular video player component across multiple web applications. While no public exploit code or KEV listing is indicated in available intelligence, the low attack complexity and user interaction requirement present moderate real-world risk to deployed instances.
XSS
-
CVE-2025-31638
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in themeton Spare versions up to 1.7 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by users. The vulnerability exists due to improper neutralization of user input during web page generation (CWE-79), enabling attackers to steal session tokens, perform actions on behalf of users, or redirect users to malicious sites. With a CVSS score of 7.1 and network-based attack vector requiring no special privileges, this vulnerability poses a moderate-to-significant risk to any organization deploying Spare.
XSS
-
CVE-2025-31635
HIGH
CVSS 7.5
Path traversal vulnerability in LambertGroup CLEVER versions up to 2.6 that allows unauthenticated remote attackers to read arbitrary files from the affected system with high confidentiality impact. The vulnerability requires no user interaction and can be exploited over the network, making it a critical exposure for organizations running vulnerable CLEVER instances. While CVSS 7.5 indicates significant risk, actual exploitation depends on KEV listing status and public POC availability, which should be verified against current threat intelligence feeds.
Path Traversal
-
CVE-2025-31426
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup's Sticky Radio Player that allows unauthenticated attackers to inject malicious scripts into web pages through improper input sanitization. Versions 3.4 and earlier are affected, enabling attackers to execute arbitrary JavaScript in victims' browsers with user interaction. While the CVSS score of 7.1 indicates medium-to-high severity with potential for session hijacking and credential theft, real-world exploitability depends on KEV status, proof-of-concept availability, and deployment prevalence of this niche WordPress plugin.
XSS
-
CVE-2025-31061
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in redqteam's Wishlist plugin affecting versions up to 2.1.0. An unauthenticated attacker can craft malicious URLs containing unfiltered input that executes arbitrary JavaScript in a victim's browser when clicked, potentially leading to session hijacking, credential theft, or malware distribution. The vulnerability has a CVSS score of 7.1 (High) with network-based attack vector requiring user interaction; current KEV/EPSS status and active exploitation details are not provided in available intelligence.
XSS
-
CVE-2025-31058
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup Revolution Video Player versions up to 2.9.2 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by victims. The vulnerability has a CVSS score of 7.1 (High) with network-based attack vector requiring user interaction, enabling attackers to steal session tokens, redirect users, or perform actions on behalf of victims. Without confirmation of active exploitation (KEV status) or public proof-of-concept, this represents a moderate real-world threat dependent on deployment prevalence and user interaction feasibility.
XSS
-
CVE-2025-31057
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup Universal Video Player versions up to 1.4.0 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by users. The vulnerability has a CVSS score of 7.1 (High) with a network-based attack vector requiring user interaction. While the exact EPSS and KEV status cannot be confirmed from provided data, the reflected XSS classification and accessible attack surface suggest moderate-to-high real-world exploitation likelihood, particularly if POC code becomes available.
XSS
-
CVE-2025-31050
HIGH
CVSS 7.5
Path traversal vulnerability in Apptha Slider Gallery versions up to 2.5 that allows unauthenticated remote attackers to read arbitrary files from the affected server by manipulating pathname parameters. The vulnerability has a CVSS score of 7.5 (High) with network-based attack vector requiring no privileges or user interaction, enabling confidentiality compromise of sensitive server files. Current KEV and EPSS status information is not provided in available sources, but the ease of exploitation (AC:L) and absence of authentication requirements significantly elevate real-world risk.
Path Traversal
-
CVE-2025-31045
HIGH
CVSS 7.5
CVE-2025-31045 is an information disclosure vulnerability in the Elfsight Contact Form widget (versions through 2.3.1) that allows unauthenticated remote attackers to retrieve embedded sensitive data without any user interaction. The vulnerability exposes system information through an unauthorized control sphere, posing a high confidentiality risk with a CVSS score of 7.5. While the specific KEV status and EPSS probability are not provided in available sources, the network-accessible nature (AV:N) with no authentication required (PR:N) and lack of user interaction (UI:N) suggests this is readily exploitable by threat actors.
Information Disclosure
-
CVE-2025-31019
HIGH
CVSS 8.8
CVE-2025-31019 is an authentication bypass vulnerability in miniOrange Password Policy Manager that allows authenticated attackers to escalate privileges and abuse authentication mechanisms through alternate pathways. Affected versions are 2.0.4 and earlier; attackers with low privileges (PR:L) can exploit this remotely without user interaction (UI:N) to achieve complete system compromise including confidentiality, integrity, and availability impacts. No public KEV or active exploitation data is available at this time, but the high CVSS score of 8.8 and authentication bypass nature indicate significant risk to WordPress sites using this plugin.
Authentication Bypass
-
CVE-2025-30183
HIGH
CVSS 7.5
CyberData 011209 Intercom devices fail to properly store or protect web server administrator credentials, allowing unauthenticated remote attackers to obtain plaintext or weakly protected credentials with high confidence. This vulnerability (CVSS 7.5) affects web-based administrative interfaces and could lead to complete compromise of device configuration and control. No public exploit code or active KEV listing is confirmed at this time, but the vulnerability requires immediate attention due to the critical nature of credential exposure in networked intercom systems.
Information Disclosure
011209 Sip Emergency Intercom Firmware
-
CVE-2025-28992
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in SNS Anton theme versions up to 4.1 that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability stems from improper input validation on filename parameters in PHP include/require statements (CWE-98), enabling attackers to read sensitive files or achieve remote code execution through log poisoning or other local file abuse techniques. With a CVSS score of 8.1 and network-based attack vector, this represents a critical risk to affected WordPress installations, particularly if actively exploited in the wild or if public proof-of-concept code is available.
PHP
Information Disclosure
-
CVE-2025-28945
HIGH
CVSS 8.1
A remote code execution vulnerability in snstheme Valen - Sport (CVSS 8.1). High severity vulnerability requiring prompt remediation.
WordPress
PHP
Lfi
Woocommerce
-
CVE-2025-28944
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in the snstheme Avaz plugin that allows unauthenticated remote attackers to include arbitrary PHP files via improper control of filename parameters in include/require statements. The vulnerability affects Avaz versions through 2.8 and has a CVSS score of 8.1 (high severity), enabling attackers to execute arbitrary code, read sensitive files, and compromise system integrity without requiring authentication or user interaction.
PHP
Information Disclosure
-
CVE-2025-28888
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in BZOTheme GiftXtore versions through 1.7.4 that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. This is a high-severity vulnerability (CVSS 8.1) that can lead to complete system compromise including confidentiality, integrity, and availability breaches. The vulnerability stems from improper validation of filename parameters in PHP include/require statements, enabling attackers to access sensitive files or execute malicious code without authentication.
PHP
Information Disclosure
Lfi
-
CVE-2025-27709
HIGH
CVSS 8.3
A SQL injection vulnerability (CVSS 8.3). High severity vulnerability requiring prompt remediation.
SQLi
Zoho
Information Disclosure
Manageengine Adaudit Plus
-
CVE-2025-27362
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in BZOTheme Petito versions up to 1.6.2 that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability exploits improper control of filename parameters in PHP include/require statements (CWE-98), enabling attackers to read sensitive files, execute code, or compromise server integrity with a CVSS score of 8.1 (High). While no public exploit code or KEV/EPSS data are confirmed in standard databases, the high CVSS and network accessibility make this a significant priority for affected organizations.
PHP
Information Disclosure
Lfi
-
CVE-2025-26592
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in AncoraThemes Inset theme affecting versions through 1.18.0, allowing unauthenticated remote attackers to include and execute arbitrary local files on vulnerable servers. This CWE-98 vulnerability stems from improper control of filename parameters in PHP include/require statements, with a CVSS score of 8.1 (High) reflecting significant confidentiality, integrity, and availability impact. The moderate attack complexity (AC:H) suggests exploitation requires specific conditions or knowledge, though the network-accessible attack vector (AV:N) and lack of privilege requirements (PR:N) make this practically exploitable.
PHP
Information Disclosure
-
CVE-2025-26468
HIGH
CVSS 7.5
CVE-2025-26468 is an unauthenticated denial-of-service vulnerability in CyberData 011209 Intercom systems that allows remote attackers to disrupt system availability without requiring authentication or user interaction. The vulnerability has a CVSS score of 7.5 (High) with a network attack vector, indicating significant real-world risk from remote exploitation. While active exploitation status and POC availability cannot be confirmed from the provided data, the lack of authentication requirements (PR:N, UI:N) makes this a critical priority for affected organizations.
Information Disclosure
011209 Sip Emergency Intercom
-
CVE-2025-24770
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in BZOTheme CraftXtore versions up to 1.7 that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. The vulnerability has a CVSS score of 8.1 (high severity) with network accessibility and high impact to confidentiality, integrity, and availability. Exploitation requires moderate attack complexity but no user interaction or privileges, making it a significant risk if actively exploited or proof-of-concept code becomes public.
PHP
Information Disclosure
-
CVE-2025-24768
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in snstheme Nitan theme affecting versions through 2.9, allowing unauthenticated remote attackers to include and execute arbitrary local files on the server. While the CVSS score of 8.1 indicates high severity with potential for confidentiality, integrity, and availability impact, the attack complexity is marked as HIGH, suggesting exploitation requires specific conditions or server configurations. The vulnerability stems from improper validation of filename parameters in PHP include/require statements (CWE-98), a classic but dangerous class of web application flaws.
PHP
Lfi
RCE
-
CVE-2025-23974
HIGH
CVSS 8.1
CVE-2025-23974 is an Incorrect Privilege Assignment vulnerability in ifkooo One-Login that enables unauthenticated remote privilege escalation. Versions 1.4 and earlier are affected, allowing attackers to gain high-impact unauthorized access to sensitive functions without user interaction. The CVSS 8.1 score reflects significant risk, though the high attack complexity (AC:H) suggests exploitation requires specific conditions; KEV/POC status and active exploitation data are not available in provided intelligence.
Privilege Escalation
-
CVE-2025-5914
HIGH
CVSS 7.8
CVE-2025-5914 is an integer overflow vulnerability in libarchive's archive_read_format_rar_seek_data() function that leads to a double-free memory corruption condition. This affects all users of libarchive who process untrusted RAR archive files, potentially allowing arbitrary code execution or denial-of-service with user interaction (opening a malicious RAR file). While no KEV listing or confirmed public exploits are currently documented, the high CVSS score (7.8) and memory safety nature of the vulnerability indicate significant real-world risk if weaponized.
Buffer Overflow
RCE
Enterprise Linux
Libarchive
Openshift Container Platform
-
CVE-2025-5902
HIGH
CVSS 8.8
Critical remote buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setUpgradeFW function in the POST request handler. An authenticated remote attacker can exploit improper input validation on the slaveIpList parameter to achieve complete system compromise with high confidentiality, integrity, and availability impact. The vulnerability has public exploit code available and represents an actively exploitable threat.
Buffer Overflow
TP-Link
RCE
T10 Firmware
TOTOLINK
-
CVE-2025-5901
HIGH
CVSS 8.8
Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the UploadCustomModule function in the POST request handler at /cgi-bin/cstecgi.cgi. An authenticated remote attacker can exploit this vulnerability by manipulating the File argument to achieve buffer overflow, resulting in complete system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and represents an immediate threat to affected devices.
Buffer Overflow
TP-Link
RCE
T10 Firmware
TOTOLINK
-
CVE-2025-5894
HIGH
CVSS 8.8
Critical Missing Authorization (CWE-862) vulnerability in Honding Technology's Smart Parking Management System that allows authenticated users with regular privileges to bypass authorization controls and create administrator accounts without proper authorization checks. Attackers can leverage this flaw to escalate privileges, create backdoor admin accounts, and gain full system control (confidentiality, integrity, and availability impact). The CVSS 8.8 score reflects the high severity, though real-world exploitability depends on whether this vulnerability is actively exploited in the wild and whether public proof-of-concept code exists.
Information Disclosure
-
CVE-2025-5875
HIGH
CVSS 8.8
A buffer overflow vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.
Buffer Overflow
TP-Link
RCE
IoT
Tl Ipc544ep W4 Firmware
-
CVE-2025-5870
HIGH
CVSS 7.3
Critical authentication bypass vulnerability in TRENDnet TV-IP121W IP camera (version 1.1.1 Build 36) affecting the /admin/setup.cgi web interface endpoint. An unauthenticated remote attacker can bypass authentication controls to gain unauthorized administrative access, potentially allowing unauthorized configuration changes, data theft, or device compromise. A public exploit has been disclosed, the vendor has not responded to early disclosure, and the vulnerability exhibits moderate real-world exploitation probability given its network-accessible nature and lack of authentication requirements.
Authentication Bypass
-
CVE-2025-5869
HIGH
CVSS 8.0
Critical memory corruption vulnerability in RT-Thread 5.1.0's sys_recvfrom syscall handler that allows authenticated local attackers to corrupt kernel memory through improper argument validation. An attacker with local access and limited privileges can exploit this to achieve arbitrary code execution or denial of service, potentially compromising the entire embedded system running RT-Thread.
Buffer Overflow
Rt Thread
-
CVE-2025-5868
HIGH
CVSS 8.0
Critical array index validation vulnerability in RT-Thread 5.1.0's signal mask syscall handler that allows authenticated local attackers to read and modify kernel memory with high impact. The vulnerability exists in the sys_thread_sigprocmask function where improper validation of the 'how' parameter enables out-of-bounds array access, potentially leading to privilege escalation or denial of service. This is an actively exploitable vulnerability requiring local access and low privileges with no user interaction needed.
Information Disclosure
Rt Thread
-
CVE-2025-5867
HIGH
CVSS 8.0
Critical null pointer dereference vulnerability in RT-Thread 5.1.0's lwp_syscall.c csys_sendto function, allowing authenticated local attackers to cause denial of service and potentially achieve code execution with high integrity impact. The vulnerability requires local access and valid credentials but exploits a memory safety flaw in a core system call handler that could be leveraged for privilege escalation or system instability in embedded/IoT deployments running RT-Thread.
Denial Of Service
Rt Thread
-
CVE-2025-5866
HIGH
CVSS 8.0
A security vulnerability classified as critical (CVSS 8.0). Risk factors: public PoC available.
Buffer Overflow
Privilege Escalation
Rt Thread
-
CVE-2025-5865
HIGH
CVSS 8.0
Critical memory corruption vulnerability in RT-Thread 5.1.0's sys_select syscall handler that allows authenticated local attackers to corrupt kernel memory by manipulating the timeout parameter. The vulnerability affects the lwp (lightweight process) component and has a CVSS score of 8.0 with potential for code execution, information disclosure, and denial of service. No public exploit code or active in-the-wild exploitation has been confirmed at this time, but the critical severity rating and memory corruption nature warrant immediate patching.
Buffer Overflow
Rt Thread
-
CVE-2025-5863
HIGH
CVSS 8.8
A critical stack-based buffer overflow vulnerability exists in Tenda AC5 router firmware version 15.03.06.47, affecting the rebootTime parameter in the /goform/SetRebootTimer endpoint. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). Public exploitation code is available, and the vulnerability has been disclosed, increasing real-world exploitation risk.
Buffer Overflow
Ac5 Firmware
Tenda
-
CVE-2025-5862
HIGH
CVSS 8.8
Critical remote buffer overflow vulnerability in Tenda AC7 wireless router firmware version 15.03.06.44, affecting the PPTP user list configuration function. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability impact). Public exploit code has been disclosed and the vulnerability meets criteria for active exploitation risk.
Buffer Overflow
Ac7 Firmware
Tenda
-
CVE-2025-5861
HIGH
CVSS 8.8
Critical remote buffer overflow vulnerability in Tenda AC7 router firmware version 15.03.06.44, affecting the LAN IP configuration function. An authenticated attacker can exploit improper input validation in the 'lanMask' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit code is available and the vulnerability meets criteria for active exploitation.
Buffer Overflow
Ac7 Firmware
Tenda
-
CVE-2025-5860
HIGH
CVSS 7.3
SQL injection vulnerability in PHPGurukul Maid Hiring Management System 1.0 affecting the /admin/search-booking-request.php file, where unsanitized user input in the 'searchdata' parameter allows unauthenticated remote attackers to execute arbitrary SQL queries. With a CVSS score of 7.3 and publicly disclosed exploit code available, this vulnerability poses significant risk to confidentiality, integrity, and availability of affected systems. Active exploitation is likely given the public POC availability and network-accessible attack vector.
PHP
SQLi
Maid Hiring Management System
-
CVE-2025-5856
HIGH
CVSS 7.3
Critical SQL injection vulnerability in PHPGurukul BP Monitoring Management System version 1.0, specifically in the /registration.php file's emailid parameter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with exploit details available, creating immediate risk for unpatched installations.
PHP
SQLi
Bp Monitoring Management System
-
CVE-2025-5855
HIGH
CVSS 8.8
Critical stack-based buffer overflow vulnerability in Tenda AC6 firmware version 15.03.05.16 that allows authenticated remote attackers to execute arbitrary code by sending a specially crafted rebootTime parameter to the SetRebootTimer endpoint. The vulnerability has been publicly disclosed with working exploits available, posing immediate risk to deployed devices, though exploitation requires valid user credentials.
Buffer Overflow
Ac6 Firmware
Tenda
-
CVE-2025-5854
HIGH
CVSS 8.8
Critical remote buffer overflow vulnerability in Tenda AC6 firmware version 15.03.05.16 affecting the LAN IP configuration endpoint. An authenticated remote attacker can exploit improper input validation in the lanMask parameter of the /goform/AdvSetLanip function to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code has been disclosed, making this an active threat with elevated real-world risk despite the authentication requirement.
Buffer Overflow
Ac6 Firmware
Tenda
-
CVE-2025-5853
HIGH
CVSS 8.8
A buffer overflow vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.
Buffer Overflow
Ac6 Firmware
Tenda
-
CVE-2025-5852
HIGH
CVSS 8.8
Critical buffer overflow vulnerability in Tenda AC6 router firmware version 15.03.05.16, affecting the PPTP user list configuration function accessible via the /goform/setPptpUserList endpoint. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'list' argument to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available and the vulnerability meets criteria for active exploitation risk.
Buffer Overflow
Ac6 Firmware
Tenda
-
CVE-2025-5851
HIGH
CVSS 8.8
A critical buffer overflow vulnerability exists in Tenda AC15 firmware version 15.03.05.19_multi affecting the HTTP POST request handler for the /goform/AdvSetLanip endpoint. An authenticated remote attacker can exploit improper input validation of the lanMask parameter to achieve buffer overflow, leading to arbitrary code execution, information disclosure, and denial of service. Public exploit code is available and the vulnerability is actively disclosed, increasing real-world exploitation risk.
Buffer Overflow
Ac15 Firmware
Tenda
-
CVE-2023-26005
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in BZOTheme Fitrush versions up to 1.3.4 that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability stems from improper control of filenames in PHP include/require statements (CWE-98), enabling attackers to read sensitive files or achieve remote code execution depending on server configuration. While the CVSS score is 8.1 (high severity), the CVSS vector indicates high attack complexity (AC:H), suggesting exploitation may require specific environmental conditions or knowledge of the target system's file structure.
PHP
Information Disclosure
-
CVE-2023-25999
HIGH
CVSS 8.1
A remote code execution vulnerability in snstheme BodyCenter - Gym (CVSS 8.1). High severity vulnerability requiring prompt remediation.
WordPress
PHP
Lfi
Woocommerce
-
CVE-2025-49139
MEDIUM
CVSS 5.3
HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, in the HAX site editor, users can create a website block to load another site in an iframe. The application allows users to supply a target URL in the website block. When the HAX site is visited, the client's browser will query the supplied URL. An authenticated attacker can create a HAX site with a website block pointing at an attacker-controlled server running Responder or a similar tool. The attacker can then conduct a phishing attack by convincing another user to visit their malicious HAX site to harvest credentials. Version 11.0.0 contains a patch for the issue.
PHP
XSS
Haxcms Nodejs
Haxcms Php
-
CVE-2025-49138
MEDIUM
CVSS 6.5
HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, an authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written into site.json. This enables attackers to exfiltrate sensitive system files such as /etc/passwd, application secrets, or configuration files accessible to the web server (www-data). The vulnerability stems from the way the HAXCMS backend handles the location field in the site's outline. When a user sends a POST request to /system/api/saveOutline, the backend stores the provided location value directly into the site.json file associated with the site, without validating or sanitizing the input. Later the location parameter is interpreted by the CMS to resolve and load the content for a given node. If the location field contains a relative path like `../../../etc/passwd`, the application will attempt to read and render that file. Version 11.0.0 fixes the issue.
PHP
Path Traversal
Haxcms Php
-
CVE-2025-49131
MEDIUM
CVSS 6.3
FastGPT is an open-source project that provides a platform for building, deploying, and operating AI-driven workflows and conversational agents. The Sandbox container (fastgpt-sandbox) is a specialized, isolated environment used by FastGPT to safely execute user-submitted or dynamically generated code in isolation. The sandbox before version 4.9.11 has insufficient isolation and inadequate restrictions on code execution because it allows overly permissive syscalls, which lets attackers escape the intended sandbox boundaries. Attackers could exploit this to read and overwrite arbitrary files and to bypass Python module import restrictions. This is patched in version 4.9.11 by restricting the allowed system calls to a safer subset and by adding more descriptive error messages.
Python
RCE
Fastgpt
-
CVE-2025-49130
MEDIUM
CVSS 6.0
Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including JavaScript scripts, into the page processed by the user's browser, allowing them to steal sensitive data, hijack user sessions, or conduct other malicious activities. Only authenticated users with access to the translation manager are impacted. The issue is fixed in version 0.6.8.
Information Disclosure
XSS
-
CVE-2025-48147
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Crypto Payment Gateway allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CryptoCloud - Crypto Payment Gateway: from n/a through 2.1.2.
Authentication Bypass
-
CVE-2025-48139
MEDIUM
CVSS 6.5
A Missing Authorization vulnerability in relentlo StyleAI (CVSS 6.5) that allows access to functionality that is not properly constrained. Remediation should follow standard vulnerability management procedures.
Authentication Bypass
-
CVE-2025-47712
MEDIUM
CVSS 6.5
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in nbdkit, leading to a denial of service.
Denial Of Service
Integer Overflow
Ubuntu
Debian
Nbdkit
-
CVE-2025-47711
MEDIUM
CVSS 6.5
CVE-2025-47711 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
Information Disclosure
Ubuntu
Debian
Nbdkit
Enterprise Linux Advanced Virtualization
-
CVE-2025-47598
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in click5 History Log by click5 allows Stored XSS. This issue affects History Log by click5: from n/a through 1.0.13.
XSS
-
CVE-2025-47511
MEDIUM
CVSS 6.5
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in nanbu Welcart e-Commerce allows Path Traversal. This issue affects Welcart e-Commerce: from n/a through 2.11.13.
Path Traversal
-
CVE-2025-46178
MEDIUM
CVSS 6.1
Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim's browser session by sending a crafted URL, leading to session hijacking or defacement.
PHP
XSS
Cloudclassroom Php Project
-
CVE-2025-46041
MEDIUM
CVSS 5.4
A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add).
XSS
Anchor Cms
-
CVE-2025-45055
MEDIUM
CVSS 5.4
Silverpeas 6.4.2 contains a stored cross-site scripting (XSS) vulnerability in the event management module. An authenticated user can upload a malicious SVG file as an event attachment, which, when viewed by an administrator, executes embedded JavaScript in the admin's session. This allows attackers to escalate privileges by creating a new administrator account. The vulnerability arises from insufficient sanitization of SVG files and weak CSRF protections.
CSRF
XSS
Silverpeas
-
CVE-2025-45002
MEDIUM
CVSS 5.4
Vigybag v1.0 and before is vulnerable to Cross Site Scripting (XSS) via the upload profile picture function under my profile.
XSS
Vigybag
-
CVE-2025-41437
MEDIUM
CVSS 4.3
Zohocorp ManageEngine OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer and OpUtils versions 128565 and below are vulnerable to Reflected XSS on the login page.
XSS
-
CVE-2025-40675
MEDIUM
CVSS 6.1
A Reflected Cross-Site Scripting (XSS) vulnerability has been found in Bagisto v2.0.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the parameter 'query' in '/search'. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
XSS
Bagisto
-
CVE-2025-40669
MEDIUM
CVSS 6.5
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application's users, including their own, by sending a POST request to /PC/Options.aspx?Command=2&Page=-1.
Authentication Bypass
Gim
-
CVE-2025-40668
MEDIUM
CVSS 6.5
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker with a low privilege level to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChangePassword%C3%B1a. To exploit the vulnerability the PasswordActual parameter must be empty.
Authentication Bypass
Gim
-
CVE-2025-30507
MEDIUM
CVSS 5.3
CyberData 011209 Intercom could allow an unauthenticated user to gather sensitive information through blind SQL injections.
SQLi
011209 Sip Emergency Intercom Firmware
-
CVE-2025-29627
MEDIUM
CVSS 6.8
An issue in the KeeperChat iOS application v5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module.
Apple
Authentication Bypass
Keeperchat
iOS
-
CVE-2025-25209
MEDIUM
CVSS 5.7
The AuthPolicy metadata on Red Hat Connectivity Link contains an object which stores secrets; however, it assumes those secrets are already in the kuadrant-system namespace instead of copying them to the referenced namespace. This creates space for a malicious actor with developer persona access to leak those secrets over an HTTP connection, as long as the attacker knows the name of the targeted secrets and those secrets are limited to one line only.
Redhat
Information Disclosure
-
CVE-2025-25208
MEDIUM
CVSS 5.7
A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster.
Denial Of Service
Redhat
Suse
-
CVE-2025-25207
MEDIUM
CVSS 5.7
The Authorino service in Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows users with the developer persona to add callbacks to HTTP endpoints that are executed once the authorization process is completed. It was found that an attacker with developer persona access can add a large number of those callbacks to be executed by Authorino, and as the authentication policy is enforced by a single instance of the service, this leads to a Denial of Service in Authorino while processing the post-authorization callbacks.
Redhat
Denial Of Service
Suse
-
CVE-2025-5915
MEDIUM
CVSS 6.6
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.
Buffer Overflow
Heap Overflow
Denial Of Service
Ubuntu
Debian
-
CVE-2025-5900
MEDIUM
CVSS 4.3
A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CSRF
Ac9 Firmware
Tenda
-
CVE-2025-5899
MEDIUM
CVSS 5.3
A security vulnerability classified as critical (CVSS 5.3). Remediation should follow standard vulnerability management procedures.
Information Disclosure
Ubuntu
Debian
Suse
-
CVE-2025-5898
MEDIUM
CVSS 5.3
A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to out-of-bounds write. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Buffer Overflow
Ubuntu
Debian
Suse
-
CVE-2025-5897
MEDIUM
CVSS 4.3
A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely.
Denial Of Service
Vue Cli
-
CVE-2025-5896
MEDIUM
CVSS 4.3
A vulnerability was found in tarojs taro up to 4.1.1. It has been declared as problematic. This vulnerability affects unknown code of the file taro/packages/css-to-react-native/src/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to version 4.1.2 is able to address this issue. The name of the patch is c2e321a8b6fc873427c466c69f41ed0b5e8814bf. It is recommended to upgrade the affected component.
Denial Of Service
Taro
-
CVE-2025-5895
MEDIUM
CVSS 4.3
A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named 4454ebbdc7719016bf80ca0f34859ce5cee9f6b0. It is recommended to apply a patch to fix this issue.
Denial Of Service
Metabase
-
CVE-2025-5892
MEDIUM
CVSS 4.3
A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Denial Of Service
Rocket.Chat
-
CVE-2025-5891
MEDIUM
CVSS 4.3
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Denial Of Service
Pm2
-
CVE-2025-5890
MEDIUM
CVSS 4.3
A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely.
Denial Of Service
-
CVE-2025-5888
MEDIUM
CVSS 4.3
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CSRF
Webstack Guns
-
CVE-2025-5885
MEDIUM
CVSS 4.3
A vulnerability has been found in Konica Minolta bizhub up to 20250202 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CSRF
Bizhub
-
CVE-2025-5881
MEDIUM
CVSS 6.3
A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.php. The manipulation of the argument cid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
PHP
SQLi
Chat System
-
CVE-2025-5880
MEDIUM
CVSS 4.3
A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Path Traversal
-
CVE-2025-5877
MEDIUM
CVSS 6.3
CVE-2025-5877 is a security vulnerability (CVSS 6.3). Risk factors: public PoC available.
Microsoft
PHP
XXE
Feng Office
-
CVE-2025-5876
MEDIUM
CVSS 5.3
A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC-SAM up to 20250321. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Authentication Bypass
-
CVE-2025-5874
MEDIUM
CVSS 4.6
A vulnerability was found in Redash up to 10.1.0/25.1.0. It has been rated as problematic. This issue affects the function run_query of the file /query_runner/python.py of the component getattr Handler. The manipulation leads to sandbox issue. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains, that "[t]he Python data source is disabled by default and is clearly marked in our documentation as discouraged due to its security implications. Users who choose to enable it are doing so at their own risk, with full awareness that it bypasses standard safeguards."
Python
Privilege Escalation
-
CVE-2025-5873
MEDIUM
CVSS 6.3
A security vulnerability in eCharge Hardy Barth Salia PLCC (CVSS 6.3). Remediation should follow standard vulnerability management procedures.
PHP
Authentication Bypass
File Upload
-
CVE-2025-5872
MEDIUM
CVSS 5.3
A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Authentication Bypass
-
CVE-2025-5871
MEDIUM
CVSS 5.3
A vulnerability was found in Papendorf SOL Connect Center 3.3.0.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to missing authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Authentication Bypass
-
CVE-2025-5859
MEDIUM
CVSS 6.3
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-details.php. The manipulation of the argument assignto leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
PHP
SQLi
Nipah Virus Testing Management System
-
CVE-2025-5858
MEDIUM
CVSS 6.3
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
PHP
SQLi
Nipah Virus Testing Management System
-
CVE-2025-5857
MEDIUM
CVSS 6.3
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipulation of the argument itr_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
PHP
SQLi
Patient Record Management System
-
CVE-2025-4652
MEDIUM
CVSS 6.1
The Broadstreet WordPress plugin before 1.51.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
WordPress
XSS
Broadstreet
PHP
-
CVE-2025-3582
MEDIUM
CVSS 4.8
The Newsletter WordPress plugin before 8.85 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).
WordPress
XSS
Newsletter
PHP
-
CVE-2025-3581
MEDIUM
CVSS 4.8
The Newsletter WordPress plugin before 8.8.5 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embedded, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).
WordPress
XSS
Newsletter
PHP
-
CVE-2024-47081
MEDIUM
CVSS 5.3
A security vulnerability in Requests (CVSS 5.3). Remediation should follow standard vulnerability management procedures.
Information Disclosure
Ubuntu
Debian
Redhat
Suse
-
CVE-2024-46452
MEDIUM
CVSS 6.1
A remote code execution vulnerability (CVSS 6.1). Remediation should follow standard vulnerability management procedures.
Code Injection
-
CVE-2025-5918
LOW
CVSS 3.9
A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.
Buffer Overflow
Information Disclosure
Ubuntu
Debian
-
CVE-2025-5917
LOW
CVSS 2.8
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.
Buffer Overflow
Memory Corruption
Ubuntu
Debian
-
CVE-2025-5916
LOW
CVSS 3.9
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.
Buffer Overflow
Integer Overflow
Ubuntu
Debian
-
CVE-2025-5889
LOW
CVSS 3.1
A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.12, 2.0.2, 3.0.1 and 4.0.1 is able to address this issue. The name of the patch is a5b98a4f30d7813266b221435e1eaaf25a1b0ac5. It is recommended to upgrade the affected component.
Denial Of Service
Ubuntu
Debian
-
CVE-2025-5887
LOW
CVSS 3.5
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
File Upload
Java
XSS
-
CVE-2025-5886
LOW
CVSS 3.5
A vulnerability was found in Emlog up to 2.5.7 and classified as problematic. This issue affects some unknown processing of the file /admin/article.php. The manipulation of the argument active_post leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
PHP
XSS
-
CVE-2025-5884
LOW
CVSS 3.5
A vulnerability, which was classified as problematic, was found in Konica Minolta bizhub up to 20250202. This affects an unknown part of the component Display MFP Information List. The manipulation of the argument Model Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
XSS
-
CVE-2025-5879
LOW
CVSS 3.5
A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
File Upload
Java
XSS
-
CVE-2025-5864
LOW
CVSS 3.7
A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/ConfirmSmsCode of the component Password Reset Confirmation Code Handler. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.15 is able to address this issue. It is recommended to upgrade the affected component.
Information Disclosure
Tenda