Dell Wyse Management Suite versions prior to 5.2 contain an Absolute Path Traversal vulnerability (CWE-36) that allows unauthenticated remote attackers to read arbitrary files and gain unauthorized access without user interaction. The CVSS 8.2 score reflects high confidentiality impact and low integrity impact, with network-based attack vector requiring no privileges or interaction. No KEV/CISA active exploitation data, EPSS score, or public POC is currently confirmed in available intelligence, but the unauthenticated remote nature and path traversal primitive warrant immediate patching.
Adobe Commerce versions 2.4.8 and earlier contain a stored Cross-Site Scripting (XSS) vulnerability (CVE-2025-47110, CVSS 8.4) in form field validation that allows high-privileged attackers to inject malicious JavaScript into the application. When other high-privileged users view pages containing the injected payload, the malicious script executes in their browser context, potentially compromising confidentiality, integrity, and availability across multiple privileged accounts. The vulnerability requires high privileges to exploit but affects other high-privileged users, making it a significant concern in multi-admin environments.
Local privilege escalation vulnerability in IBM AIX 7.3 and IBM VIOS 4.1.1's Perl implementation that allows non-privileged local users to execute arbitrary code through improper pathname neutralization (path traversal). With a CVSS score of 8.4 and no authentication requirement, this represents a critical risk for AIX environments where local user access exists. The vulnerability's active exploitation status and proof-of-concept availability would significantly elevate real-world risk.
CVE-2025-0052 is an improper input validation vulnerability in Pure Storage FlashBlade's authentication process that allows unauthenticated network attackers to trigger a denial of service condition with high availability impact. While the CVSS score of 8.3 reflects significant availability risk, the high attack complexity (AC:H) suggests practical exploitation requires specific conditions. No confirmed KEV/CISA status, active exploitation, or public POC has been disclosed at the time of analysis.
Cross-site scripting (XSS) vulnerability in the Nuance Digital Engagement Platform that allows unauthenticated attackers to inject malicious scripts into web pages generated by the platform. This vulnerability enables spoofing attacks and potential credential theft or session hijacking over the network with only user interaction required. With a CVSS score of 8.2 and network-accessible attack vector, this represents a significant risk to organizations deploying Nuance's engagement platform, particularly given the high impact on confidentiality and cross-site scope implications.
Stored Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects BI Workspace that allows unauthenticated attackers to inject and persist malicious JavaScript code within workspaces. When authenticated users access compromised workspaces, the malicious script executes in their browser context, potentially exposing sensitive session tokens, cookies, and user data. The vulnerability has a CVSS score of 8.2 (High) with significant confidentiality impact; while KEV/EPSS data and active exploitation status are not provided in available intelligence, the attack requires user interaction and authentication context, moderating real-world severity despite the high CVSS rating.
Adobe Commerce versions 2.4.8 and earlier contain an improper authorization vulnerability (CWE-285) that allows unauthenticated attackers to bypass security features and gain unauthorized access to sensitive functionality. This vulnerability has a high integrity impact and can be exploited remotely without user interaction, making it a critical priority for Adobe Commerce administrators. The 8.2 CVSS score combined with the network-accessible attack vector and lack of authentication requirements indicates significant real-world risk.
Use-after-free memory corruption vulnerability in Windows KDC Proxy Service (KPSSVC) that allows unauthenticated network attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. The vulnerability affects Windows systems running the Kerberos KDC Proxy Service and represents a critical remote code execution risk in Active Directory environments. While specific KEV/POC status and EPSS scores are not provided in the source data, the network attack vector combined with high CVSS 8.1 score and remote code execution capability indicates this is a significant priority for organizations relying on Windows authentication infrastructure.
Critical arbitrary write vulnerability in Microsoft-signed UEFI firmware that permits attackers with high privileges to execute untrusted code and modify firmware settings stored in NVRAM, potentially enabling persistence mechanisms and full system compromise. The vulnerability affects UEFI implementations across multiple Microsoft platforms, with a CVSS score of 8.2 reflecting high severity. While specific KEV status and EPSS probability data were not provided in available sources, the local attack vector and high privilege requirement suggest this poses elevated risk primarily to targeted systems rather than widespread exploitation.
Use-of-uninitialized-resource vulnerability in Windows Netlogon that allows unauthenticated network attackers to achieve privilege escalation through a complex exploitation path. The vulnerability affects Windows systems running Netlogon services and enables remote code execution with high impact on confidentiality, integrity, and availability. Given the network-based attack vector and lack of authentication requirements, this represents a significant threat to networked Windows environments, though exploitation requires specific conditions (high attack complexity).
Memory management vulnerability in Windows Cryptographic Services where memory is not properly released after its effective lifetime, enabling unauthenticated remote code execution. The vulnerability affects Windows cryptographic components and allows network-based attackers to execute arbitrary code with high complexity requirements. While the CVSS score of 8.1 indicates significant severity, exploitation requires specific conditions (high attack complexity), and current status regarding KEV listing, EPSS score, and public POC availability is unknown pending official Microsoft advisory release.
Use-after-free vulnerability in Windows Remote Desktop Services (RDS) that allows unauthenticated network attackers to execute arbitrary code with high complexity requirements. The vulnerability affects Windows systems running RDS and represents a critical remote code execution risk; exploitation requires network access but no user interaction, though attack complexity is rated as high. If this CVE has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog, it indicates active exploitation in the wild and should be treated as an immediate priority.
PHP Local File Inclusion (LFI) vulnerability in LoftOcean TinySalt versions before 3.10.0, caused by improper control of filenames in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this network-accessible vulnerability with moderate complexity to read arbitrary files, execute code, and potentially achieve remote code execution, though exploitation requires specific conditions due to high attack complexity. The vulnerability has not been confirmed as actively exploited in the wild (KEV status unknown), but represents a critical risk for exposed TinySalt installations.
Critical authentication bypass vulnerability in ArchiverSpaApi ASP.NET applications caused by hard-coded JWT signing keys. An unauthenticated remote attacker can forge valid JWT tokens to bypass authentication and gain unauthorized access to protected API endpoints, potentially leading to data exfiltration, modification, or denial of service. The CVSS 8.1 score reflects high confidentiality, integrity, and availability impact, though the attack complexity is rated as high, suggesting some technical prerequisites.
A remote code execution vulnerability (CVSS 8.1). High severity vulnerability requiring prompt remediation.
CVE-2025-26521 is a security vulnerability (CVSS 8.1). High severity vulnerability requiring prompt remediation.
CVE-2025-47968 is an improper input validation vulnerability in Microsoft AutoUpdate (MAU) that allows a locally authenticated attacker to achieve privilege escalation on affected systems. The vulnerability has a CVSS score of 7.8 (High), indicating significant impact with confidentiality, integrity, and availability compromise. Active exploitation status and proof-of-concept availability cannot be confirmed from provided data, but the local attack vector with low complexity and low privilege requirement suggests elevated real-world risk for multi-user or shared systems.
CVE-2023-20599 is an improper register access control vulnerability in AMD's ASP (AMD Secure Processor) that allows a privileged local attacker to gain unauthorized access to the Crypto Co-Processor (CCP) registers, potentially compromising cryptographic key management and leading to loss of confidentiality or integrity. The vulnerability affects AMD EPYC and Ryzen processors with ASP implementations. While the CVSS score of 7.9 indicates high severity, exploitation requires high privilege level (PR:H) and local access (AV:L), limiting real-world attack surface; however, this is an actively tracked vulnerability relevant to data center and workstation security.
Local code execution vulnerability in Microsoft Office Outlook triggered by improper path traversal handling (CWE-35) in the '.../...//' sequence. Authorized users with local access can exploit this to execute arbitrary code with the privileges of the Outlook process, achieving high confidentiality, integrity, and availability impact. This vulnerability requires local access and existing user privileges but no user interaction, making it a significant risk for multi-user systems or compromised local accounts.
Privilege escalation vulnerability in Windows Installer that exploits improper symlink/junction handling (CWE-59: link following) to allow an authorized local attacker to elevate privileges without user interaction. With a CVSS score of 7.8 and CVSS vector indicating local attack vector with low complexity and no user interaction required, this vulnerability affects Windows Installer across multiple versions. Real-world risk depends on KEV/CISA status and EPSS probability, which should be cross-referenced against active exploitation reports and POC availability.
CVE-2025-32718 is an integer overflow vulnerability in Windows SMB that allows a locally authenticated attacker to achieve privilege escalation with high impact to confidentiality, integrity, and availability. The vulnerability affects Windows operating systems' SMB implementation and has a CVSS score of 7.8 (High) with low attack complexity, making it a significant local privilege escalation risk for multi-user systems and domain environments.
Protection mechanism failure in Windows DHCP Server that enables network-based denial-of-service attacks without requiring authentication or user interaction. An attacker can remotely exploit this vulnerability to render DHCP services unavailable, disrupting network connectivity for affected systems. The high CVSS score of 7.5 and network attack vector indicate significant availability impact, though no confidentiality or integrity compromise occurs.
Network-accessible denial-of-service vulnerability in Windows DHCP Server caused by a protection mechanism failure (CWE-693), allowing unauthenticated attackers to exhaust server availability without requiring authentication or user interaction. The vulnerability affects Windows DHCP Server implementations across multiple versions and has a CVSS severity of 7.5 (High). While the description does not explicitly reference KEV inclusion, active exploitation status, or EPSS data, the low attack complexity (AC:L) and network accessibility (AV:N) combined with no authentication requirements indicate this represents a credible denial-of-service threat to DHCP infrastructure.
CVE-2025-32716 is an out-of-bounds read vulnerability in Windows Media that allows an authenticated local attacker to achieve privilege escalation on affected systems. The vulnerability has a CVSS score of 7.8 (high severity) due to its impact on confidentiality, integrity, and availability. Without confirmation of KEV status, active exploitation, or public POC availability from the provided data, the real-world risk assessment requires evaluation against the moderate attack complexity (local access required, authenticated user needed).
Heap-based buffer overflow vulnerability in the Windows Common Log File System (CLFS) Driver that allows local authenticated attackers to achieve privilege escalation with high confidence of exploitation. The vulnerability affects Windows systems with the CLFS driver enabled and requires local access with standard user privileges; successful exploitation grants complete system compromise including code execution at SYSTEM level. While no public POC is confirmed in available intelligence, the straightforward nature of heap overflows and the high CVSS score (7.8) with low attack complexity indicate active research interest and potential for rapid weaponization.
Use-after-free vulnerability in the Windows Win32K graphics subsystem (GRFX component) that allows a locally authenticated attacker to achieve arbitrary code execution and privilege escalation without user interaction. The vulnerability affects Windows systems with affected Win32K versions and carries a CVSS score of 7.8 (high severity). Given the local attack vector requirement and the need for prior authentication, real-world exploitation is constrained to insider threats or attackers who have already achieved initial access; however, the severity of the impact (complete system compromise) makes this a critical priority for patching.
Local privilege escalation vulnerability in Windows Installer caused by improper access control (CWE-284) that allows an authorized local attacker to elevate privileges without user interaction. The vulnerability affects Windows Installer components across multiple Windows versions and has a CVSS score of 7.8 (High severity). Without confirmation of KEV status or active exploitation data, the high CVSS vector (Low attack complexity, Low privileges required) indicates this represents a significant risk to systems where local user accounts exist.
CVE-2025-47962 is an improper access control vulnerability in Windows SDK that allows an authenticated local attacker to escalate privileges without user interaction. The vulnerability affects Windows SDK components and presents a high risk due to its CVSS score of 7.8 (High severity) with high impact on confidentiality, integrity, and availability. While no active exploitation in the wild (KEV status) or public POC has been confirmed at this time, the low attack complexity and requirement for only local user privileges make this a significant priority for Windows environments.
Privilege escalation vulnerability in Windows Remote Access Connection Manager that allows an authenticated local attacker to elevate privileges to a higher integrity level without user interaction. The vulnerability affects Windows systems with Remote Access Connection Manager enabled and has a CVSS score of 7.8 (High severity). While no active exploitation in the wild has been publicly confirmed at this time, the local attack vector combined with low complexity and no user interaction requirement makes this a significant risk for multi-user or compromised systems where an attacker already has local access.
Heap-based buffer overflow vulnerability in Microsoft Office Word that allows local, unauthenticated attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. The vulnerability requires user interaction (opening a malicious document) but no elevated privileges, making it a significant local code execution threat affecting Word users who open untrusted documents.
Use-after-free vulnerability in Microsoft Office Word that allows local, unauthenticated attackers to execute arbitrary code with high severity (CVSS 7.8). The vulnerability requires user interaction (opening a malicious document) but grants complete system compromise through code execution. This is a memory safety issue (CWE-416) in Word's document processing engine that could be actively exploited if public POC becomes available.
CVE-2025-47173 is an improper input validation vulnerability in Microsoft Office that allows local code execution without requiring user privileges, though user interaction is needed. An attacker with local access can craft a malicious Office document that, when opened by a user, executes arbitrary code with the privileges of the affected Office application. This vulnerability affects Microsoft Office products across multiple versions and poses a moderate-to-high risk given its local attack vector and high impact on confidentiality, integrity, and availability.
Heap-based buffer overflow vulnerability in Microsoft Office Excel that allows local attackers to execute arbitrary code with high privileges (confidentiality, integrity, and availability impact). The vulnerability requires user interaction (opening a malicious Excel file) but no special privileges, making it a practical threat to Excel users. With a CVSS score of 7.8 and local attack vector, this represents a significant code execution risk for organizations relying on Excel for document processing.
Use-after-free vulnerability in Microsoft Office Word that allows local, unauthenticated attackers to execute arbitrary code with high impact (confidentiality, integrity, availability). The vulnerability requires user interaction (e.g., opening a malicious document) but has low attack complexity, making it a significant local code execution threat. Without confirmed KEV status or EPSS data provided, the CVSS 7.8 score indicates high severity, though real-world exploitability depends on whether public exploits or proofs-of-concept have emerged.
Use After Free (UAF) vulnerability in Adobe Acrobat Reader that allows arbitrary code execution with the privileges of the current user. Affected versions include 24.001.30235, 20.005.30763, 25.001.20521 and earlier across multiple release tracks. Exploitation requires user interaction (opening a malicious PDF file), but the high CVSS score of 7.8 and local attack vector indicate significant real-world risk; KEV and active exploitation status should be confirmed from official sources.
A remote code execution vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.
Use After Free (UAF) vulnerability in Adobe Acrobat Reader affecting versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier that enables arbitrary code execution with the privileges of the current user. The vulnerability requires user interaction (opening a malicious PDF file) but has a high CVSS score of 7.8 due to the severity of potential code execution impact. Without confirmed KEV listing or public POC data provided, this represents a significant but not yet confirmed active threat.
Use After Free (UAF) vulnerability in Adobe Acrobat Reader that enables arbitrary code execution with high privilege context on affected systems. The vulnerability impacts multiple versions across different release branches (24.001.30235, 20.005.30763, 25.001.20521 and earlier), requiring only user interaction to trigger exploitation via malicious PDF files. With a CVSS score of 7.8 and no privilege escalation required, this represents a significant risk to enterprise and consumer users relying on Acrobat Reader for document handling.
Use After Free vulnerability in Adobe Acrobat Reader that enables arbitrary code execution with user-level privileges when a victim opens a malicious PDF file. Affected versions include 24.001.30235, 20.005.30763, 25.001.20521 and earlier across multiple product lines. This vulnerability requires user interaction but presents high severity due to memory corruption leading to code execution, with exploitation probability and active exploitation status dependent on available public exploits.
Use-after-free vulnerability in Adobe InDesign Desktop that allows arbitrary code execution with the privileges of the current user. Affected versions are InDesign ID20.2, ID19.5.3, and earlier; exploitation requires a victim to open a malicious file. This is a high-severity local vulnerability with user interaction required, but without confirmed active exploitation data or public POC availability indicated in the provided intelligence.
Privilege escalation vulnerability in Autodesk Installer applications where a maliciously crafted binary file exploits an untrusted search path to achieve NT AUTHORITY/SYSTEM level code execution. The vulnerability requires local user interaction (file download) but no privileges, making it a significant risk for Windows environments running Autodesk products. While CVSS 7.8 indicates high severity, the local attack vector and required user interaction limit the attack surface compared to remote exploits.
Heap-based buffer overflow vulnerability in Adobe InCopy versions 20.2, 19.5.3 and earlier that allows arbitrary code execution with the privileges of the current user. The vulnerability requires user interaction (opening a malicious file) and presents a high-severity risk due to its direct code execution capability; exploitation likelihood and real-world attack status cannot be fully assessed without KEV confirmation or public POC availability.
CVE-2025-43575 is an out-of-bounds write vulnerability in Adobe Acrobat Reader that enables arbitrary code execution with high integrity and confidentiality impact. Affected versions include 24.001.30235, 20.005.30763, 25.001.20521 and earlier across multiple product lines. Exploitation requires user interaction (opening a malicious PDF), but once triggered, allows code execution in the context of the current user with no privilege elevation needed.
CVE-2025-30327 is an integer overflow vulnerability in Adobe InCopy that enables arbitrary code execution with the privileges of the current user. Versions 20.2, 19.5.3 and earlier are affected; exploitation requires a user to open a malicious file, making it a file-based attack vector with moderate attack complexity. The vulnerability has a CVSS score of 7.8 (high severity) with complete impact on confidentiality, integrity, and availability, though real-world exploitation depends on user interaction and file delivery success.
A remote code execution vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.
CVE-2025-43581 is an out-of-bounds write vulnerability in Adobe Substance3D - Sampler (versions 5.0 and earlier) that enables arbitrary code execution within the current user's security context. The vulnerability requires user interaction-specifically opening a malicious file-making it a file-based attack vector. With a CVSS score of 7.8 and high impact ratings for confidentiality, integrity, and availability, this represents a significant local privilege escalation risk for affected users, though exploitation requires social engineering or file delivery mechanisms.
CVE-2025-47108 is an out-of-bounds write vulnerability in Adobe Substance3D Painter versions 11.0.1 and earlier that allows arbitrary code execution with user-level privileges. The vulnerability requires user interaction-specifically opening a malicious file-making it a file-based attack vector. While no CVSS:3.1 score of 7.8 indicates high severity with local attack surface, exploitation depends on social engineering to deliver the malicious file.
CVE-2025-43593 is an out-of-bounds write vulnerability in Adobe InDesign Desktop that enables arbitrary code execution with high severity (CVSS 7.8). Affected versions include ID20.2, ID19.5.3 and earlier on local systems. Exploitation requires user interaction (opening a malicious file), but once triggered, grants full code execution capabilities in the context of the current user. Current KEV and EPSS status unknown from provided data, but the local attack vector combined with user interaction requirement and high CVSS score indicates moderate-to-high real-world risk for targeted attacks against design professionals.
CVE-2025-43590 is an out-of-bounds write vulnerability in Adobe InDesign Desktop that allows arbitrary code execution with the privileges of the current user. Affected versions include ID20.2, ID19.5.3, and earlier releases. Exploitation requires user interaction-specifically opening a malicious file-but once triggered, grants an attacker full code execution capabilities in the context of the authenticated user.
A remote code execution vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.