Skip to main content
CVE-2025-49796 CRITICAL POC PATCH CISA Act Now

Memory corruption in libxml2's processing of schematron sch:name elements allows remote attackers to trigger crashes or potentially execute code via maliciously crafted XML files. Affects widespread deployments including Red Hat Enterprise Linux 7-10, OpenShift Container Platform 4.12-4.20, Ubuntu, and Debian distributions. CVSS 9.1 critical severity with network-exploitable vector requiring no authentication. Publicly available exploit code exists (POC confirmed). EPSS score of 0.49% suggests relatively low observed exploitation attempts despite critical rating. Not listed in CISA KEV, indicating no confirmed mass exploitation campaigns at time of analysis. Vendor patches available across all affected Red Hat products with specific versions documented.

Buffer Overflow Information Disclosure Denial Of Service
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%
Threat
5.3
CVE-2025-49794 CRITICAL POC PATCH CISA Act Now

Use-after-free in libxml2 XPath parsing allows remote attackers to crash applications via malicious XML Schematron documents. The vulnerability (CVSS 9.1) affects widespread Red Hat ecosystem products including RHEL 7-10 and OpenShift 4.12-4.20, with vendor patches available. Public exploit code exists but CISA KEV does not list active exploitation. EPSS score of 0.11% (30th percentile) suggests low observed exploitation probability despite critical CVSS rating and POC availability, indicating targeted research interest rather than mass exploitation.

Denial Of Service
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
Threat
5.3
CVE-2025-43200 MEDIUM KEV PATCH THREAT This Month

A denial of service vulnerability in This (CVSS 4.2). Risk factors: actively exploited (KEV-listed).

Apple Information Disclosure
NVD
CVSS 3.1
4.2
EPSS
0.4%
CVE-2025-32799 CRITICAL POC PATCH Act Now

Conda-build versions prior to 25.4.0 are vulnerable to path traversal (Tarslip) attacks that allow unauthenticated remote attackers to write arbitrary files outside intended extraction directories by crafting malicious tar archives with directory traversal sequences. This critical vulnerability (CVSS 9.8) affects all users and systems utilizing conda-build for package compilation, with potential for privilege escalation and code execution depending on target file locations and system permissions.

RCE Privilege Escalation Path Traversal Conda Build
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-6121 CRITICAL POC Act Now

Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST request handler's get_pure_content function. An unauthenticated remote attacker can exploit this via a malicious Content-Length header to achieve complete system compromise including arbitrary code execution, data theft, and denial of service. Public exploit code exists for this end-of-life product, creating immediate risk for any remaining deployed instances.

Buffer Overflow D-Link RCE Dir 632 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-6098 CRITICAL POC Act Now

Critical remote buffer overflow vulnerability in UTT 进取 750W network devices affecting the /goform/setSysAdm API endpoint. An unauthenticated remote attacker can exploit improper use of strcpy() in the passwd1 parameter to achieve complete system compromise (confidentiality, integrity, and availability). A public proof-of-concept exploit exists, and the vendor has not provided patches or response despite early disclosure notification.

Buffer Overflow 750w Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-32798 CRITICAL POC PATCH Act Now

Critical arbitrary code execution vulnerability in conda-build prior to version 25.4.0, where unsafe eval() function usage on meta.yaml recipe selectors allows unauthenticated remote attackers to execute arbitrary code during the package build process with no required privileges or user interaction. This vulnerability affects all users and systems using vulnerable conda-build versions to process potentially malicious or compromised recipe files, with a CVSS score of 9.8 indicating critical severity across confidentiality, integrity, and availability impacts.

RCE Conda Build
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-32800 CRITICAL POC PATCH Act Now

Conda-build versions prior to 25.3.0 are vulnerable to dependency confusion/namespace squatting attacks where an attacker can claim the unpublished 'conda-index' package on PyPI and inject malicious code that gets installed when users run pip install on conda-build projects. This is a critical supply-chain attack vector with CVSS 9.8 (CRITICAL) affecting all users who install conda-build from source or install projects that depend on it via pip, potentially compromising developer environments and CI/CD pipelines. The vulnerability is network-accessible, requires no privileges or user interaction, and provides complete system compromise (confidentiality, integrity, availability).

Python RCE Conda Build
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6179 CRITICAL POC Act Now

Critical permissions bypass vulnerability in Google Chrome OS 16181.27.0 that allows local attackers to disable extensions and gain unauthorized access to Developer Mode on managed Chrome devices. The vulnerability is exploited using the ExtHang3r and ExtPrint3r tools to load arbitrary extensions, affecting enterprise-managed deployments with a CVSS score of 9.8 (critical severity). Active exploitation status and proof-of-concept availability should be verified through CISA KEV and security advisories.

Privilege Escalation Google Denial Of Service Chrome Os Chrome
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6145 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) affecting the /boafrm/formSysLog HTTP POST handler. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter to achieve buffer overflow, leading to remote code execution with complete system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, and the vulnerability affects a widely deployed consumer networking device.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6144 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler at endpoint /boafrm/formSysCmd. An authenticated remote attacker can exploit this vulnerability by manipulating the 'submit-url' parameter to achieve buffer overflow, resulting in complete system compromise including confidentiality, integrity, and availability breaches. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6138 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the HTTP POST request handler. An authenticated attacker can remotely exploit the setWizardCfg function via the ssid5g parameter to achieve buffer overflow, resulting in complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code has been disclosed and the vulnerability meets criteria for active exploitation risk.

Buffer Overflow TP-Link T10 Firmware TOTOLINK
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6130 HIGH POC This Week

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6129 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T firmware version 4.1.2cu.5232_B20210713 affecting the HTTP POST request handler in the /boafrm/formSaveConfig endpoint. An authenticated remote attacker can exploit improper input validation on the 'submit-url' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists, increasing real-world exploitation risk.

Buffer Overflow TP-Link Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6128 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formWirelessTbl endpoint. An authenticated attacker can exploit the submit-url parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public proof-of-concept code is available, and this vulnerability may be actively exploited in the wild.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6143 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T router firmware (version 4.1.2cu.5232_B20210713) affecting the NTP configuration handler. An authenticated attacker can remotely exploit this vulnerability via HTTP POST requests to the /boafrm/formNtp endpoint by manipulating the submit-url parameter, achieving remote code execution with complete system compromise (confidentiality, integrity, and availability). A public exploit has been disclosed and the vulnerability may be actively exploited in the wild.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-6137 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setWiFiScheduleCfg function in the HTTP POST request handler. An authenticated remote attacker can exploit this vulnerability by manipulating the 'desc' parameter to achieve buffer overflow, resulting in complete compromise of confidentiality, integrity, and availability. A public exploit has been disclosed and the vulnerability is likely actively exploited given its critical CVSS score of 8.8 and low attack complexity.

Buffer Overflow TP-Link RCE T10 Firmware TOTOLINK
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-6110 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in Tenda FH1201 firmware version 1.2.0.14(408) affecting the /goform/SafeMacFilter endpoint. An authenticated remote attacker can exploit the 'page' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit code exists and the vulnerability is actively exploitable.

Buffer Overflow Fh1201 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-6115 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01 affecting the form_macfilter function through improper handling of mac_hostname_%d and sched_name_%d parameters. An authenticated remote attacker can exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability impacts (CVSS 8.8). Public exploit code is available and the product is end-of-life, significantly elevating real-world risk.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6114 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the port forwarding configuration function. An authenticated remote attacker can exploit this vulnerability by manipulating the ingress_name_%d, sched_name_%d, or name_%d parameters to achieve remote code execution with high integrity and confidentiality impact. The vulnerability has public exploit code available and affects only end-of-life products no longer receiving vendor support, significantly elevating real-world risk for exposed legacy deployments.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6113 HIGH POC This Week

Critical remote buffer overflow vulnerability in Tenda FH1203 firmware version 2.0.1.6 affecting the /goform/AdvSetLanip endpoint. An authenticated attacker can exploit improper input validation of the lanMask parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability). A public proof-of-concept exploit exists, indicating active disclosure and potential real-world exploitation risk.

Buffer Overflow Fh1203 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6112 HIGH POC This Week

Critical buffer overflow vulnerability in Tenda FH1205 firmware version 2.0.0.7 affecting the lanMask parameter in the /goform/AdvSetLanip endpoint. An authenticated remote attacker can exploit this to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). A public proof-of-concept exists, making this an active exploitation risk.

Buffer Overflow Fh1205 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6111 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in Tenda FH1205 firmware version 2.0.0.7(775) affecting the /goform/VirtualSer endpoint's 'page' parameter. An authenticated remote attacker can exploit this to achieve complete system compromise including arbitrary code execution, data exfiltration, and service disruption. The vulnerability has public exploit disclosure and demonstrated proof-of-concept availability, elevating immediate risk despite requiring valid credentials.

Buffer Overflow Fh1205 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-49795 HIGH POC PATCH CISA This Week

NULL pointer dereference in libxml2's XPath processing engine crashes applications parsing untrusted XML. Affects all major Linux distributions including Red Hat Enterprise Linux 10, Ubuntu (10 releases), Debian (8 releases), and SUSE. Remote unauthenticated attackers can trigger denial of service by sending crafted XPath expressions embedded in XML documents. Publicly available exploit code exists (GitHub gist). EPSS score is low (0.15%, 36th percentile) indicating limited widespread exploitation observed, and not currently listed in CISA KEV. Vendor patches available from Red Hat (2.12.5-7.el10_0), SUSE, and upstream libxml2 project.

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-5309 CRITICAL Act Now

Server-Side Template Injection (SSTI) vulnerability in the chat feature of Citrix Remote Support (RS) and Privileged Remote Access (PRA) that enables unauthenticated remote code execution with a critical CVSS score of 9.8. The vulnerability affects the chat messaging functionality across both products with no authentication or user interaction required, allowing attackers to execute arbitrary code on affected systems. This is a critical severity issue requiring immediate patching.

RCE Code Injection Remote Support Privileged Remote Access
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-3594 CRITICAL PATCH Act Now

A path traversal vulnerability in Liferay Portal 7.0.0 (CVSS 9.8) that allows remote attackers. Critical severity with potential for significant impact on affected systems.

Path Traversal Liferay Portal Digital Experience Platform
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-6169 CRITICAL Act Now

Critical unauthenticated SQL injection vulnerability in HAMASTAR Technology's WIMP website co-construction management platform that allows remote attackers to execute arbitrary SQL commands without authentication. Attackers can exploit this flaw to read, modify, or delete entire database contents, potentially compromising sensitive project management data, user credentials, and financial information. With a CVSS score of 9.8 and no authentication required, this vulnerability presents an immediate and severe threat to all deployed instances of the WIMP platform.

SQLi
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-47869 CRITICAL PATCH Act Now

Buffer overflow vulnerability in the Apache NuttX RTOS xmlrpc example application where device statistics structures use hardcoded buffer sizes that do not account for the CONFIG_XMLRPC_STRINGSIZE configuration parameter, allowing remote attackers to overflow memory without authentication. This affects Apache NuttX RTOS versions 6.22 through 12.8.x, with a critical CVSS score of 9.8 indicating high severity across confidentiality, integrity, and availability. The vulnerability is particularly dangerous because developers may have copied the vulnerable example code into production implementations, extending the attack surface beyond the example application itself.

Buffer Overflow Apache Nuttx
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-47868 CRITICAL PATCH Act Now

A buffer overflow vulnerability (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Buffer Overflow Heap Overflow Apache Denial Of Service Nuttx
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6172 CRITICAL Act Now

Critical permission vulnerability in the BoomPlayer mobile application (com.afmobi.boomplayer) that allows unauthenticated remote attackers to perform unauthorized operations with complete compromise of confidentiality, integrity, and availability. The vulnerability carries a maximum CVSS score of 9.8 and is classified as an improper authentication/authorization defect (CWE-287); exploitation requires no user interaction and can be triggered over the network, making it a severe risk to all users of this application.

Android
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6132 MEDIUM POC This Month

Critical SQL injection vulnerability in Chanjet CRM 1.0 affecting the /sysconfig/departmentsetting.php endpoint via the gblOrgID parameter. An unauthenticated remote attacker can manipulate this parameter to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has public exploit disclosure and demonstrates active exploitation potential, making it a high-priority remediation target despite the moderate CVSS score.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-6124 MEDIUM POC This Month

Critical SQL injection vulnerability in code-projects Restaurant Order System version 1.0, affecting the /tablelow.php file's ID parameter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion of the restaurant database. The vulnerability has been publicly disclosed with proof-of-concept availability, increasing real-world exploitation risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-6123 MEDIUM POC This Month

A SQL injection vulnerability in A vulnerability (CVSS 7.3). Risk factors: public PoC available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-6097 MEDIUM POC This Month

A security vulnerability in UTT 进取 750W (CVSS 5.3). Risk factors: public PoC available.

Information Disclosure 750w Firmware
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-6087 CRITICAL PATCH Act Now

A remote code execution vulnerability (CVSS 9.1). Critical severity with potential for significant impact on affected systems.

SSRF Next.js Node.js Information Disclosure Opennext For Cloudflare +2
NVD GitHub
CVSS 3.1
9.1
EPSS
0.4%
CVE-2025-40916 CRITICAL Act Now

A remote code execution vulnerability (CVSS 9.1). Critical severity with potential for significant impact on affected systems.

Information Disclosure
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-6104 HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506. An authenticated attacker can remotely execute arbitrary operating system commands via the 'ipaddress' parameter in /billing/pms_check.php, achieving complete system compromise. Public exploit code exists, the vendor has not responded to early disclosure, and this vulnerability meets criteria for immediate exploitation in real-world environments.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6103 HIGH This Week

A critical OS command injection vulnerability exists in Wifi-soft UniBox Controller versions up to 20250506 within the /billing/test_accesscodelogin.php file's Password parameter, allowing authenticated remote attackers to execute arbitrary system commands with high impact on confidentiality, integrity, and availability. Public exploit code has been disclosed and the vendor has not responded to early disclosure notifications, indicating active exploitation risk and lack of official patches.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6102 HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506, exploitable through the mac_address parameter in /authentication/logout.php. An authenticated attacker can remotely execute arbitrary OS commands with high impact on confidentiality, integrity, and availability. The vulnerability has been publicly disclosed with exploit code available, and the vendor has not responded to early disclosure attempts, significantly elevating real-world risk.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-40728 HIGH This Week

A SQL injection vulnerability in Customer Support System (CVSS 8.8) that allows an authenticated attacker. High severity vulnerability requiring prompt remediation.

PHP SQLi Information Disclosure Customer Support System
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-48992 MEDIUM POC PATCH This Month

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a stored and blind cross-site scripting (XSS) vulnerability exists in the Name Field of the user profile. A malicious attacker can change their name to a javascript payload, which is executed when a user adds the malicious user to their Synchronization > Address books. This issue has been patched in versions 6.8.123 and 25.0.27.

Microsoft XSS Group Office
NVD GitHub
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-4987 HIGH This Week

A cross-site scripting vulnerability (CVSS 8.7) that allows an attacker. High severity vulnerability requiring prompt remediation.

XSS
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-6170 LOW POC PATCH CISA Monitor

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files.

Buffer Overflow Stack Overflow Jboss Core Services Openshift Container Platform Enterprise Linux +1
NVD GitHub VulDB
CVSS 3.1
2.5
EPSS
0.0%
Threat
4.0
CVE-2025-5689 HIGH PATCH This Week

Privilege escalation flaw in authd's temporary user record handling during pre-authentication NSS operations that causes first-time SSH login users to be incorrectly assigned root group membership within their session context. This allows authenticated users (PR:L) to gain elevated group privileges over the network (AV:N) with low complexity, affecting system confidentiality (C:H) and integrity (I:L). The vulnerability has a high CVSS score of 8.5, though real-world exploitation requires valid login credentials and depends on authentication infrastructure specifics.

Privilege Escalation Linux SSH Authentication Bypass Authd +1
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-49124 HIGH PATCH This Week

A security vulnerability in Apache Tomcat installer for Windows (CVSS 8.4). High severity vulnerability requiring prompt remediation.

Microsoft Apache Tomcat Windows Privilege Escalation +1
NVD HeroDevs GitHub
CVSS 3.1
8.4
EPSS
0.1%
CVE-2025-3464 HIGH This Week

Race condition vulnerability in ASUS Armoury Crate that exploits a Time-of-check Time-of-use (TOCTOU) flaw to bypass authentication mechanisms. An authenticated local attacker can exploit this vulnerability to escalate privileges and potentially achieve integrity and availability impacts on the affected system. While the CVSS score of 8.4 is elevated, real-world exploitation requires local access and existing user privileges, limiting widespread impact.

Authentication Bypass
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-36632 HIGH PATCH This Week

Privilege escalation vulnerability in Tenable Agent for Windows (versions prior to 10.8.5) that allows a non-administrative local user to execute arbitrary code with SYSTEM-level privileges. This is a local privilege escalation (LPE) vulnerability with high severity (CVSS 7.8) requiring only local access and low complexity exploitation. The vulnerability represents a critical risk in multi-user Windows environments where standard users could gain complete system control.

Microsoft Information Disclosure Nessus Agent Windows
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-48976 HIGH PATCH This Week

Apache Commons FileUpload contains a Denial of Service vulnerability in multipart header processing due to insufficient resource allocation limits (CWE-770). Affected versions are 1.0 through 1.5.x and 2.0.0-M1 through 2.0.0-M3. An unauthenticated remote attacker can exploit this with a network request to cause resource exhaustion and service unavailability without requiring user interaction or elevated privileges. CVSS 7.5 (High) reflects the high availability impact; KEV and EPSS data availability would determine exploitation likelihood in the wild.

Apache Denial Of Service Java Commons Fileupload Red Hat +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-48988 HIGH PATCH This Week

A remote code execution vulnerability in Apache Tomcat (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Tomcat Denial Of Service Java Red Hat +1
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-3602 HIGH PATCH This Week

Liferay Portal and DXP versions fail to implement depth limiting on GraphQL queries, enabling unauthenticated remote attackers to execute deeply nested queries that consume excessive server resources and cause denial-of-service. This affects Liferay Portal 7.4.0-7.4.3.97 and multiple DXP versions (2023.Q3.1-2023.Q3.2, 7.4 GA-Update 92, 7.3 GA-Update 35, 7.2 FP 8-20). With a CVSS 7.5 score, high network exploitability, and no authentication required, this represents a significant availability risk to exposed Liferay installations.

Information Disclosure Digital Experience Platform Liferay Portal
NVD
CVSS 3.1
7.5
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy