190 CVEs tracked today. 21 Critical, 89 High, 55 Medium, 9 Low.
-
CVE-2025-49825
CRITICAL
CVSS 9.8
Critical authentication bypass in Teleport Community Edition versions 17.5.1 and earlier that lets an unauthenticated network attacker bypass authentication entirely, with no user interaction. With a CVSS score of 9.8 and no open-source patch available at disclosure, it is an immediate threat to every affected deployment: successful exploitation yields full compromise of confidentiality, integrity, and availability.
Authentication Bypass
Suse
-
CVE-2025-49452
CRITICAL
CVSS 9.3
Critical SQL injection vulnerability in Adrian Ladó's PostaPanduri (versions up to 2.1.3) that allows unauthenticated remote attackers to execute arbitrary SQL commands. Rated CVSS 9.3 (network attack vector, no authentication), it enables extraction of sensitive data from the database and potential service disruption; the absence of any authentication requirement and the simple attack vector make real-world exploitation likely.
SQLi
PHP
-
CVE-2025-49447
CRITICAL
CVSS 10.0
Critical unrestricted file upload vulnerability in Fastw3b LLC's FW Food Menu plugin (versions up to 6.0.0) that allows unauthenticated remote attackers to upload and execute malicious files, achieving complete system compromise. With a CVSS 10.0 score, low attack complexity, no privilege requirement, and network reachability, it poses an immediate risk to every exposed installation. Insufficient file type validation is the root cause; the result is arbitrary code execution with full confidentiality, integrity, and availability impact.
File Upload
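The upload entries in this feed (FW Food Menu above, and the Reformer, Flozen, MapSVG, WP VR, Events Manager and Sitecore PowerShell Extensions entries below) share one root cause: the handler trusts the client's filename or Content-Type. The following is an added example, not code from any of those plugins, showing the validation order a hardened handler applies; the allowed-type table, the filenames and the sample bodies are constructed for illustration.

```python
"""Upload validation (added example; not code from any plugin in the feed).

Shows why the Content-Type header alone is not a control: the client sets it.
The checks below are applied in order, and the constructed SAMPLES show the
usual bypass shapes (spoofed type, double extension, dotfile, polyglot) being
rejected.
"""
import os
import re
import secrets

# Assumed policy for the example: extension -> magic-byte prefixes the body must start with.
ALLOWED = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$")
SCRIPT_MARKERS = (b"<?php", b"<?=", b"<%", b"<script")


def validate_upload(filename: str, content_type: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason). The client's Content-Type is deliberately ignored."""
    # 1. Reject names that traverse, start with a dot, or carry control characters.
    base = os.path.basename(filename)
    if base != filename or not SAFE_NAME.match(base) or "\x00" in filename:
        return False, "unsafe filename"
    # 2. Every dotted segment is checked, so shell.php.jpg and .phtml fail too.
    parts = base.lower().split(".")
    if len(parts) < 2:
        return False, "no extension"
    exts = parts[1:]
    if any(e not in ALLOWED for e in exts):
        return False, f"extension not allowed: {exts}"
    # 3. The bytes must look like the claimed type, whatever Content-Type said.
    if not any(data.startswith(m) for m in ALLOWED[exts[-1]]):
        return False, "content does not match extension"
    # 4. Polyglots: a valid image header followed by PHP is still rejected.
    if any(marker in data for marker in SCRIPT_MARKERS):
        return False, "embedded script marker"
    return True, "ok"


def storage_name(filename: str) -> str:
    """Server-chosen random name; the client's name is never used on disk."""
    ext = filename.rsplit(".", 1)[-1].lower()
    return f"{secrets.token_hex(16)}.{ext}"


# Constructed samples: (client filename, client Content-Type, first bytes of body).
SAMPLES = [
    ("photo.png", "image/png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
    ("shell.php", "image/png", b"<?php system($_GET['c']); ?>"),            # spoofed type
    ("shell.php.jpg", "image/jpeg", b"\xff\xd8\xff\xe0" + b"<?php echo 1; ?>"),  # double extension
    ("shell.phtml", "image/jpeg", b"\xff\xd8\xff\xe0"),                     # alternate PHP extension
    ("../../wp-config.php", "image/png", b"\x89PNG\r\n\x1a\n"),              # traversal in name
    (".htaccess", "text/plain", b"AddType application/x-httpd-php .jpg"),    # handler override
    ("poly.jpg", "image/jpeg", b"\xff\xd8\xff\xe0" + b"\x00" * 8 + b"<?php phpinfo(); ?>"),
]


def run_samples() -> dict[str, bool]:
    """Map each sample filename to whether validate_upload accepts it."""
    return {name: validate_upload(name, ctype, body)[0] for name, ctype, body in SAMPLES}


if __name__ == "__main__":
    for name, ctype, body in SAMPLES:
        ok, why = validate_upload(name, ctype, body)
        print(f"{'ACCEPT' if ok else 'REJECT':6} {name:22} ({ctype}) {why}")
```

Only photo.png survives. The order matters: the filename checks run before the body is inspected, and the random storage name means that even a file which passes every check cannot be addressed by the name the attacker chose. Keeping the upload directory non-executable at the web-server layer is the last line of defence and is independent of this code.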
-
CVE-2025-49444
CRITICAL
CVSS 10.0
Critical unrestricted file upload vulnerability in merkulove Reformer for Elementor (versions through 1.0.5) that allows unauthenticated attackers to upload arbitrary files, including web shells, to affected servers. With a perfect CVSS 10.0 score and network-accessible attack vector requiring no privileges or user interaction, this vulnerability enables complete remote code execution and server compromise. Given the prevalence of Elementor in WordPress ecosystems and the trivial exploitation requirements, this represents an immediate and severe threat to all unpatched installations.
File Upload
-
CVE-2025-49330
CRITICAL
CVSS 9.8
Deserialization-of-untrusted-data (PHP object injection) vulnerability in the CRM Perks Integration for Contact Form 7 and Zoho CRM WordPress plugin (CVSS 9.8). Critical severity, with remote code execution as the potential outcome on affected sites.
Deserialization
Zoho
WordPress
PHP
RCE
-
CVE-2025-49220
CRITICAL
CVSS 9.8
Critical pre-authentication remote code execution vulnerability in Trend Micro Apex Central versions below 8.0.7007, caused by insecure deserialization in a specific method. The vulnerability allows unauthenticated remote attackers to execute arbitrary code with complete system compromise (confidentiality, integrity, and availability impact). With a CVSS score of 9.8 and network-based attack vector requiring no user interaction, this represents an immediately exploitable critical threat to exposed Apex Central installations.
Deserialization
RCE
Apex Central
-
CVE-2025-49219
CRITICAL
CVSS 9.8
Pre-authentication remote code execution vulnerability stemming from insecure deserialization in Trend Micro Apex Central versions below 8.0.7007. An unauthenticated attacker can exploit it over the network with low complexity to achieve complete system compromise (confidentiality, integrity, and availability). It is tracked by CISA as a known exploited vulnerability (KEV), rated CVSS 9.8, and carries significant real-world risk because it is reachable over the network with no authentication.
Deserialization
RCE
Trendmicro
Authentication Bypass
Apex Central
-
CVE-2025-49217
CRITICAL
CVSS 9.8
Pre-authentication remote code execution vulnerability in Trend Micro Endpoint Encryption PolicyServer caused by insecure deserialization. Attackers can exploit this vulnerability over the network without authentication to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability impact). This is a critical, actively exploitable vulnerability affecting Trend Micro Endpoint Encryption deployments; similar to CVE-2025-49213 but in a different vulnerable method, indicating a pattern of insecure deserialization issues in the same product.
Deserialization
RCE
Trendmicro
Authentication Bypass
Trend Micro Endpoint Encryption
-
CVE-2025-49216
CRITICAL
CVSS 9.8
Critical authentication bypass vulnerability in Trend Micro Endpoint Encryption PolicyServer that allows unauthenticated remote attackers to gain administrative access and modify product configurations without valid credentials. The vulnerability has a CVSS 9.8 score indicating severe impact (confidentiality, integrity, and availability compromised), and represents a complete authentication control failure requiring immediate patching.
Authentication Bypass
Trendmicro
Privilege Escalation
Trend Micro Endpoint Encryption
-
CVE-2025-49213
CRITICAL
CVSS 9.8
Critical pre-authentication remote code execution vulnerability in Trend Micro Endpoint Encryption PolicyServer caused by insecure deserialization. An unauthenticated attacker can exploit it over the network, with no user interaction, to achieve complete system compromise (confidentiality, integrity, and availability impact). It requires no privileges and no complex preconditions, so patching should be prioritized.
Deserialization
RCE
Trendmicro
Authentication Bypass
Trend Micro Endpoint Encryption
-
CVE-2025-49212
CRITICAL
CVSS 9.8
Pre-authentication remote code execution vulnerability in Trend Micro Endpoint Encryption PolicyServer caused by insecure deserialization in an unspecified method. An unauthenticated attacker can exploit it over the network without user interaction to achieve complete system compromise (confidentiality, integrity, and availability impact). It is a critical threat requiring immediate patching.
Deserialization
RCE
Trendmicro
Authentication Bypass
Trend Micro Endpoint Encryption
-
CVE-2025-49071
CRITICAL
CVSS 10.0
Critical unrestricted file upload vulnerability in NasaTheme Flozen that allows unauthenticated remote attackers to upload and execute web shells on affected servers. It affects all versions of Flozen and carries a CVSS score of 10.0, with no authentication or user interaction required. Successful exploitation yields complete system compromise (confidentiality, integrity, and availability); KEV status has not been confirmed.
File Upload
-
CVE-2025-47573
CRITICAL
CVSS 9.3
Blind SQL injection vulnerability in mojoomla School Management that allows unauthenticated network attackers to extract sensitive data from the application's database without direct visibility of query results. The vulnerability affects School Management versions up to 92.0.0 and carries a CVSS score of 9.3, indicating critical severity. The attack requires no user interaction, no privileges, and low complexity, making it highly exploitable in real-world scenarios.
SQLi
Joomla
-
CVE-2025-47559
CRITICAL
CVSS 9.9
CVE-2025-47559 is an unrestricted file upload vulnerability in RomanCode MapSVG (versions through 8.5.32) that allows authenticated users to upload and execute arbitrary web shells on affected servers. An attacker with any valid login can achieve complete system compromise (confidentiality, integrity, and availability). With a CVSS score of 9.9 and low attack complexity, it is a critical threat to MapSVG deployments.
File Upload
-
CVE-2025-47452
CRITICAL
CVSS 9.9
Critical unrestricted file upload vulnerability in the RexTheme WP VR plugin (versions through 8.5.26) that allows authenticated users with low privileges to upload and execute arbitrary web shells on affected WordPress servers. With a CVSS score of 9.9 and a network attack vector requiring only low privileges, it poses an immediate threat to WordPress installations using the plugin; weaponization is straightforward.
File Upload
-
CVE-2025-39479
CRITICAL
CVSS 9.3
Blind SQL injection vulnerability in smartiolabs Smart Notification versions through 10.3 that allows unauthenticated remote attackers to extract sensitive database information without direct visibility of query results. Rated CVSS 9.3 (critical), it has high confidentiality impact, no integrity impact, and low availability impact. The network attack vector (AV:N), low attack complexity (AC:L), and lack of authentication (PR:N) make it a priority; real-world exploitation and KEV status have not been confirmed.
SQLi
-
CVE-2025-34511
HIGH
CVSS 8.8
Sitecore PowerShell Extensions through version 7.0 allows authenticated users to upload arbitrary files including ASPX webshells via crafted HTTP requests. The unrestricted file upload bypasses content type restrictions, enabling remote code execution on the Sitecore IIS server with any authenticated account.
File Upload
RCE
Experience Manager
Experience Commerce
Experience Platform
-
CVE-2025-34510
HIGH
CVSS 8.8
Sitecore Experience Manager, Platform, and Commerce versions 9.0 through 10.4 contain a Zip Slip vulnerability that allows authenticated attackers to write arbitrary files outside the intended upload directory. By crafting ZIP archives with path traversal entries, attackers can overwrite application files and achieve remote code execution.
RCE
Path Traversal
Managed Cloud
Experience Manager
Experience Commerce
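The Zip Slip described in the Sitecore entry above, as an added example rather than Sitecore's own code: a ZIP archive is constructed in memory with an entry whose name carries '../' components, then extracted once the naive way (join and write) and once with a containment check. Paths, entry names and the scratch directory are all invented for the demonstration.

```python
"""Zip Slip (added example, not Sitecore's code).

Builds an archive in memory whose entry name traverses out of the extraction
directory, shows the naive extractor writing outside that directory, and
shows a guarded extractor refusing the entry. Only writes under a temporary
directory it creates itself.
"""
import io
import os
import tempfile
import zipfile


def build_malicious_zip() -> bytes:
    """Constructed sample archive: one benign entry and one traversal entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("assets/logo.txt", "harmless")
        # ZipFile.writestr stores the name verbatim; nothing normalises it.
        zf.writestr("../../evil.txt", "<% evil %>")
    return buf.getvalue()


def naive_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """What a vulnerable extractor does: join the entry name and write."""
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)   # no containment check
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(target))
    return written


def safe_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """Hardened: resolve the final path and require it to stay under dest."""
    root = os.path.realpath(dest)
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            if name.startswith(("/", "\\")) or os.path.isabs(name):
                raise ValueError(f"absolute entry rejected: {name!r}")
            target = os.path.realpath(os.path.join(root, name))
            if os.path.commonpath([root, target]) != root:
                raise ValueError(f"traversal entry rejected: {name!r}")
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(target)
    return written


def demo() -> dict:
    """Report where the naive extractor escaped to and whether the safe one refused."""
    payload = build_malicious_zip()
    with tempfile.TemporaryDirectory() as scratch:
        dest = os.path.join(scratch, "upload", "unpacked")
        os.makedirs(dest)
        root = os.path.realpath(dest)
        naive_paths = naive_extract(payload, dest)
        escaped = [p for p in naive_paths if os.path.commonpath([root, p]) != root]
        try:
            safe_extract(payload, dest)
            refused = False
        except ValueError:
            refused = True
    return {"escaped": [os.path.basename(p) for p in escaped], "safe_refused": refused}


if __name__ == "__main__":
    print(demo())
```

The check is done on the resolved path, not on the entry name, so an encoded or mixed-separator name that a string search for "../" would miss is still caught once os.path.realpath has normalised it. Validate every entry before writing any of them if partial extraction is unacceptable; this example stops at the first bad entry.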
-
CVE-2025-34509
HIGH
CVSS 7.5
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 through 10.4.1 contain a hardcoded administrative user account that allows unauthenticated remote attackers to reach sensitive administrative APIs over HTTP. The vulnerability has a CVSS score of 7.5 (High) and enables confidentiality breach through direct API access; exploitation likelihood is high given the low attack complexity and the absence of any authentication requirement.
Information Disclosure
Experience Commerce
Managed Cloud
Experience Manager
Experience Platform
-
CVE-2025-32510
CRITICAL
CVSS 10.0
CVE-2025-32510 is an unrestricted file upload vulnerability in Ovatheme Events Manager versions up to 1.8.4 that allows unauthenticated attackers to upload malicious files, achieving remote code execution and complete system compromise. With a perfect CVSS 10.0 score, network-accessible attack vector, and no authentication required, this vulnerability poses critical risk to all exposed installations. Exploitation is trivial and requires only HTTP requests.
File Upload
-
CVE-2025-31919
CRITICAL
CVSS 9.8
Critical deserialization of untrusted data vulnerability in themeton Spare (versions up to 1.7) that allows unauthenticated remote attackers to perform PHP object injection without user interaction. With a CVSS score of 9.8 and a network attack vector, it enables complete system compromise (confidentiality, integrity, and availability). Because the theme deserializes attacker-controlled data, any network-connected attacker who can deliver a crafted serialized payload can trigger it; the practical impact depends on which classes with exploitable magic methods are loadable on the site.
Deserialization
Code Injection
-
CVE-2025-30618
CRITICAL
CVSS 9.8
Critical deserialization of untrusted data vulnerability in the yuliaz Rapyd Payment Extension for WooCommerce (versions through 1.2.0) that allows unauthenticated remote attackers to perform object injection. With a CVSS score of 9.8, a network attack vector, and no authentication or user interaction required, any internet-connected attacker can attempt exploitation; it is an immediate risk to every unpatched WooCommerce installation using this payment plugin.
Deserialization
Woocommerce
PHP
-
CVE-2025-24773
CRITICAL
CVSS 9.3
Critical SQL injection vulnerability in the WPCRM plugin (versions up to 3.2.0) for WordPress, affecting deployments that integrate Contact Form 7 and WooCommerce. An unauthenticated remote attacker can execute arbitrary SQL commands (CVSS 9.3) to extract sensitive customer relationship and transaction data, though direct data modification and availability impacts are limited. Immediate patching is strongly recommended for all affected installations.
WordPress
SQLi
Joomla
PHP
-
CVE-2025-5777
HIGH
CVSS 7.5
Citrix NetScaler ADC and Gateway contain an input validation vulnerability (CVE-2025-5777, CVSS 7.5) leading to memory overread when configured as VPN or AAA virtual server. KEV-listed with EPSS 69.8% and public PoC, this vulnerability enables remote unauthenticated attackers to read sensitive data from the appliance's memory, potentially exposing session tokens, credentials, and encryption keys — similar to the Heartbleed class of memory disclosure bugs.
Information Disclosure
Citrix
Memory Corruption
Netscaler Gateway
Netscaler Application Delivery Controller
-
CVE-2025-4404
CRITICAL
CVSS 9.1
Critical privilege escalation vulnerability in FreeIPA that allows authenticated users with high privileges to create Kerberos services with the same canonical name (krbCanonicalName) as the realm administrator, enabling them to obtain administrative credentials. The vulnerability affects FreeIPA default configurations where uniqueness validation is not enforced, allowing attackers to retrieve Kerberos tickets with admin@REALM credentials and perform unrestricted administrative operations. With a CVSS 9.1 score and network-accessible attack vector, this represents a severe threat to FreeIPA-based identity infrastructures, particularly in environments where service creation permissions are delegated or insufficiently restricted.
Privilege Escalation
Information Disclosure
Authentication Bypass
Redhat
Suse
-
CVE-2025-49879
HIGH
CVSS 8.6
Path traversal vulnerability in themezaa Litho that allows unauthenticated network attackers to cause a denial of service by accessing files outside the intended directory structure. Affected versions range from an unspecified baseline through version 3.0 of the Litho product. The vulnerability has a high CVSS score of 8.6 with a network attack vector and no authentication requirements, making it easily exploitable by remote attackers.
Path Traversal
-
CVE-2025-49854
HIGH
CVSS 7.6
SQL Injection vulnerability in Anh Tran Slim SEO plugin (versions through 4.5.4) that allows high-privileged attackers to execute arbitrary SQL commands, potentially leading to data exfiltration and service disruption. The vulnerability requires administrator-level privileges to exploit, significantly limiting its real-world impact compared to unauthenticated SQL injection attacks. While the CVSS score of 7.6 indicates moderate-to-high severity, the privilege requirement (PR:H) substantially reduces the practical threat landscape.
SQLi
WordPress
PHP
-
CVE-2025-49850
HIGH
CVSS 8.4
Heap-based buffer overflow vulnerability in PRJ file parsing, caused by insufficient validation of user-supplied data within PRJ file structures, that lets an attacker read and write past allocated buffer boundaries. A local attacker who gets a user to open a crafted PRJ file can achieve memory corruption leading to arbitrary code execution or information disclosure. No KEV listing or active-exploitation reports are public; the local vector and required user interaction suggest moderate real-world risk despite the high CVSS score.
Buffer Overflow
Heap Overflow
Memory Corruption
-
CVE-2025-49849
HIGH
CVSS 8.4
CVE-2025-49849 is an out-of-bounds read vulnerability in PRJ file parsing caused by insufficient validation of user-supplied data. A local attacker who gets a user to open a crafted PRJ file can read beyond allocated memory boundaries, leading to information disclosure and potentially code execution. The CVSS score is 8.4 (High); no KEV listing or active-exploitation reports are currently documented.
Buffer Overflow
Information Disclosure
Memory Corruption
-
CVE-2025-49848
HIGH
CVSS 8.4
CVE-2025-49848 is an out-of-bounds write vulnerability in PRJ file parsing that allows a local attacker, with user interaction, to corrupt memory and potentially achieve arbitrary code execution or crash the application. It stems from insufficient input validation when processing PRJ files, allowing writes past allocated buffer boundaries. No public exploit code or in-the-wild exploitation has been confirmed at analysis time, but the CVSS score of 8.4 and high confidentiality, integrity, and availability impact ratings warrant prioritized patching.
Buffer Overflow
Memory Corruption
Denial Of Service
-
CVE-2025-49847
HIGH
CVSS 8.8
A buffer overflow vulnerability in llama.cpp (CVSS 8.8), rated high severity and requiring prompt remediation; a vendor patch is available.
Buffer Overflow
RCE
Llama.Cpp
Suse
-
CVE-2025-49508
HIGH
CVSS 8.1
PHP Local/Remote File Inclusion (LFI/RFI) vulnerability in LoftOcean CozyStay that allows unauthenticated remote attackers to include and execute arbitrary files through improper control of filename parameters in PHP include/require statements. The vulnerability affects CozyStay with a CVSS score of 8.1 (High severity), enabling attackers to read sensitive files, execute arbitrary code, or compromise system integrity without requiring user interaction or authentication.
PHP
Information Disclosure
-
CVE-2025-49451
HIGH
CVSS 7.5
A Path Traversal vulnerability (CWE-35) exists in the Aeroscroll Gallery WordPress plugin (versions through 1.0.12) that allows unauthenticated remote attackers to access arbitrary files on the server, potentially exposing sensitive configuration files, database credentials, and other confidential data. The vulnerability has a CVSS score of 7.5 (High) with network accessibility and no authentication required, making it a significant information disclosure risk for all installations of affected versions.
Path Traversal
-
CVE-2025-49415
HIGH
CVSS 8.6
Path traversal vulnerability in Fastw3b LLC FW Gallery (versions through 8.0.0) that allows unauthenticated remote attackers to cause a denial of service by manipulating file path parameters. The CVSS score of 8.6 reflects network reachability and no authentication requirement; the impact is limited to availability, not confidentiality or integrity. KEV status, EPSS score, and public PoC availability are unconfirmed; check with the vendor for patch availability.
Path Traversal
-
CVE-2025-49385
HIGH
CVSS 7.8
Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits insecure link following to allow a low-privileged local attacker to delete privileged Trend Micro files, potentially compromising the security product's integrity. With a CVSS score of 7.8 and low attack complexity (AC:L), this vulnerability poses a significant risk to consumer systems where privilege escalation could disable or corrupt critical security components. No active exploitation (KEV status) or public POC has been reported at this time, but the low barrier to exploitation (local access with low privileges required) warrants prompt patching.
Privilege Escalation
Trendmicro
Windows
Maximum Security 2022
-
CVE-2025-49384
HIGH
CVSS 7.8
Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits improper link following (symlink/junction attack) to allow a low-privileged local attacker to delete privileged Trend Micro system files without user interaction. Rated CVSS 7.8 (High) for its high impact on confidentiality, integrity, and availability; no KEV listing, EPSS data, or public proof of concept is available in the feed, so real-world exploitation has not been confirmed.
Privilege Escalation
Trendmicro
Path Traversal
Maximum Security 2022
-
CVE-2025-49331
HIGH
CVSS 7.2
Deserialization of untrusted data vulnerability in impleCode eCommerce Product Catalog versions up to 3.4.3 that allows authenticated attackers with high privileges to perform object injection attacks. The vulnerability enables remote code execution or unauthorized data manipulation through malicious serialized objects. While the CVSS score of 7.2 is moderate-to-high, the requirement for high privileges (PR:H) significantly limits real-world exploitability; however, this should not be underestimated in multi-tenant or insider threat scenarios.
Deserialization
-
CVE-2025-49316
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in the Saleswonder Team Tobias WP2LEADS WordPress plugin (versions up to 3.5.0) that allows unauthenticated attackers to inject scripts into pages viewed by users. An attacker crafts a URL carrying a JavaScript payload and tricks a user into opening it, potentially leading to session hijacking, credential theft, or malware distribution. Rated CVSS 7.1 (High) with a network attack vector and required user interaction; KEV status and PoC availability are unconfirmed, but the low attack complexity and reflected nature suggest moderate real-world risk.
XSS
-
CVE-2025-49312
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in the CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress affecting versions through 5.4.8.1. An unauthenticated attacker can inject malicious scripts into web pages viewed by users with no special privileges required, potentially leading to session hijacking, credential theft, or malware distribution. The CVSS 7.1 score reflects the moderate severity with network attack vector and user interaction requirement.
WordPress
XSS
PHP
-
CVE-2025-49266
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in Rustaurius Ultimate Reviews WordPress plugin versions up to 3.2.14, allowing unauthenticated attackers to inject malicious scripts that execute in users' browsers. The vulnerability requires user interaction (clicking a malicious link) but can compromise session tokens, steal sensitive data, or perform actions on behalf of affected users. While this is a network-accessible, low-complexity attack with moderate CVSS score (7.1), reflected XSS vulnerabilities are commonly exploited and proof-of-concept code is typically straightforward to develop.
XSS
-
CVE-2025-49261
HIGH
CVSS 8.1
PHP Local/Remote File Inclusion (LFI/RFI) vulnerability in thembay Diza affecting versions through 1.3.8, stemming from improper control of filenames in include/require statements (CWE-98). An unauthenticated network attacker can exploit this with high complexity to achieve arbitrary file inclusion, leading to information disclosure, code execution, or system compromise. The high CVSS score of 8.1 reflects the severity of potential impacts (confidentiality, integrity, and availability), though real-world exploitability depends on PHP configuration and the specific include/require patterns in affected code.
PHP
Information Disclosure
-
CVE-2025-49260
HIGH
CVSS 8.1
A security vulnerability in thembay Aora allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.
PHP
Information Disclosure
-
CVE-2025-49259
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Hara that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. Affected versions range from an unspecified baseline through version 1.2.10. While the CVSS score of 8.1 is elevated, the attack complexity is rated 'High,' suggesting real-world exploitation requires specific environmental conditions or timing.
PHP
Information Disclosure
-
CVE-2025-49258
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Maia versions up to 1.1.15, caused by improper control of filenames in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this over the network with high complexity to read arbitrary files on the server, potentially leading to code execution, information disclosure, and system compromise. The vulnerability has a CVSS 3.1 score of 8.1 (High severity) with network accessibility and no privilege requirements, though exploitation requires non-standard conditions (AC:H).
PHP
Information Disclosure
-
CVE-2025-49257
HIGH
CVSS 8.1
A security vulnerability in thembay Zota allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.
PHP
Information Disclosure
-
CVE-2025-49256
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Sapa that allows unauthenticated remote attackers to include and execute arbitrary PHP files through improper input validation on filename parameters in include/require statements. Affected versions range from an unspecified baseline through version 1.1.14. With a CVSS score of 8.1 and network-accessible attack vector, this vulnerability enables confidentiality, integrity, and availability compromise, though exploitation requires high attack complexity (AC:H) suggesting non-trivial preconditions.
PHP
Information Disclosure
-
CVE-2025-49255
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Ruza versions up to 1.0.7, stemming from improper control of filename parameters in PHP include/require statements. An unauthenticated remote attacker can exploit it over the network to include arbitrary files from the server and potentially execute code, with high confidentiality, integrity, and availability impact. The CVSS score of 8.1 reflects significant risk, though the high attack complexity (AC:H) indicates exploitation depends on conditions outside the attacker's control.
PHP
Information Disclosure
-
CVE-2025-49254
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Nika theme versions through 1.2.8, caused by improper control of filename parameters in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this vulnerability over the network to read arbitrary files from the server filesystem, potentially leading to information disclosure, code execution, or system compromise. The CVSS score of 8.1 (High) reflects significant confidentiality and integrity impact, though the AC:H (Attack Complexity: High) rating suggests some exploitation difficulty; KEV status and active exploitation data would further clarify immediate risk priority.
PHP
Information Disclosure
-
CVE-2025-49253
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Lasa versions up to 1.1, caused by improper control of filename parameters in PHP include/require statements. This allows unauthenticated remote attackers to include and execute arbitrary local files on the server, potentially leading to remote code execution, information disclosure, and system compromise. The high CVSS score of 8.1 reflects the severity of this vulnerability, though the high attack complexity (AC:H) suggests exploitation may require specific environmental conditions or knowledge of the target system.
PHP
Information Disclosure
-
CVE-2025-49252
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Besa versions through 2.3.8, stemming from improper control of filenames in include/require statements (CWE-98). An unauthenticated remote attacker can exploit it over the network, with high attack complexity, to include arbitrary local files, potentially leading to remote code execution. The CVSS score of 8.1 reflects the confidentiality, integrity, and availability impact, though the AC:H rating means real-world exploitation requires specific conditions.
PHP
Information Disclosure
-
CVE-2025-49251
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in thembay Fana versions through 1.1.28 that allows unauthenticated remote attackers to include and execute arbitrary files through improper control of filename parameters in PHP include/require statements. The high CVSS score of 8.1 reflects the potential for confidentiality, integrity, and availability impact, though the 'H' attack complexity suggests exploitation requires specific conditions or knowledge of the application architecture. No publicly confirmed KEV or widespread active exploitation is documented, but the 2025 CVE date indicates this is a recently disclosed vulnerability requiring immediate attention from Fana users.
PHP
Lfi
RCE
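Several classes in this feed (the thembay LFI run above, and the earlier object-injection, blind SQLi and arbitrary-upload entries) leave recognizable shapes in web-server access logs. The detection pass below is an added example, not signatures published for any listed CVE; the log lines are constructed, and the rules are illustrative starting points rather than complete coverage.

```python
"""Detection pass over web-server access logs (added example; illustrative
rules, not signatures published for any CVE in this feed).

The rules key on request shapes common to the classes above: traversal and
LFI targets in parameters, PHP object-injection payloads, time-based blind
SQLi probes, and execution of PHP from the WordPress uploads directory, which
is the usual post-exploitation footprint of an arbitrary upload.
"""
import re
from urllib.parse import unquote

# Apache/nginx combined format; only the fields the rules need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


def normalise(path: str) -> str:
    """Decode twice so %252e%252e%252f and %2e%2e/ both surface as '../'."""
    return unquote(unquote(path)).lower()


RULES = [
    ("traversal", re.compile(r"(?:\.\./|\.\.\\){2,}")),
    ("lfi-target", re.compile(r"(?:/etc/passwd|wp-config\.php|php://|data://|expect://)")),
    ("php-object-injection", re.compile(r'[=:]\s*o:\d+:"[a-z0-9_\\]+":\d+:\{')),
    ("sqli-time-based", re.compile(r"(?:sleep\(\d+\)|benchmark\(\d+,|pg_sleep\(|waitfor\s+delay)")),
    ("sqli-union", re.compile(r"union(?:\s|/\*.*?\*/)+(?:all\s+)?select")),
    ("php-in-uploads", re.compile(r"/wp-content/uploads/.*\.ph(?:p\d?|tml|ar)(?:[?/]|$)")),
]


def scan_line(line: str) -> list[tuple[str, str]]:
    """Return (rule, source ip) hits for one access-log line; [] if none."""
    m = LOG_RE.match(line)
    if not m:
        return []
    path = normalise(m.group("path"))
    hits = [(name, m.group("ip")) for name, rx in RULES if rx.search(path)]
    # A 200 on PHP under uploads means the shell answered, not merely that it was probed.
    if m.group("status") == "200" and any(n == "php-in-uploads" for n, _ in hits):
        hits.append(("webshell-executed", m.group("ip")))
    return hits


def scan(lines: list[str]) -> dict[str, list[str]]:
    """Aggregate hits as rule -> sorted unique source IPs."""
    out = {}
    for line in lines:
        for rule, ip in scan_line(line):
            out.setdefault(rule, set()).add(ip)
    return {k: sorted(v) for k, v in out.items()}


# Constructed log lines (combined format) from documentation address ranges; none are real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jul/2025:10:00:01 +0000] "GET /wp-content/themes/x/?template=..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1024 "-" "curl/8.0"',
    '203.0.113.5 - - [01/Jul/2025:10:00:02 +0000] "GET /?s=a%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 4096 "-" "curl/8.0"',
    '198.51.100.7 - - [01/Jul/2025:10:00:03 +0000] "GET /?data=O:8:%22Evil_Obj%22:1:%7Bs:3:%22cmd%22;s:2:%22id%22;%7D HTTP/1.1" 200 512 "-" "python-requests"',
    '198.51.100.7 - - [01/Jul/2025:10:00:04 +0000] "POST /wp-admin/admin-ajax.php?action=upload HTTP/1.1" 200 33 "-" "python-requests"',
    '198.51.100.7 - - [01/Jul/2025:10:00:05 +0000] "GET /wp-content/uploads/2025/07/cache.php?c=id HTTP/1.1" 200 77 "-" "python-requests"',
    '192.0.2.9 - - [01/Jul/2025:10:00:06 +0000] "GET /wp-content/uploads/2025/07/photo.jpg HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
]


if __name__ == "__main__":
    for rule, ips in scan(SAMPLE_LOG).items():
        print(f"{rule:22} {', '.join(ips)}")
```

Access logs only carry the query string, so a POST body that smuggles the same payloads is invisible here; pair this with application or WAF logs for POST-driven plugins. The upload POST on line four produces no hit by itself, which is the point: it is the later GET of a .php under wp-content/uploads returning 200 that turns a suspected upload into a confirmed web shell.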
-
CVE-2025-49218
HIGH
CVSS 7.7
Post-authentication SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that allows low-privileged authenticated users to escalate privileges through SQL injection attacks. The vulnerability has a CVSS score of 7.7 (high severity) with significant impact on confidentiality, integrity, and availability. While this is a post-auth vulnerability requiring initial low-privileged code execution, successful exploitation enables privilege escalation, making it a critical concern for organizations running affected PolicyServer instances.
SQLi
Trendmicro
Privilege Escalation
Trend Micro Endpoint Encryption
-
CVE-2025-49215
HIGH
CVSS 8.8
Post-authentication SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that enables authenticated attackers to escalate privileges and achieve full system compromise (confidentiality, integrity, and availability impact). The vulnerability requires an attacker to first obtain low-privileged code execution on the target system before exploiting the SQL injection to escalate to administrative privileges. With a CVSS score of 8.8 and network accessibility, this represents a significant risk to organizations running vulnerable PolicyServer instances, particularly in environments where initial compromise vectors (phishing, lateral movement, supply chain) are plausible.
SQLi
Trendmicro
Privilege Escalation
Trend Micro Endpoint Encryption
-
CVE-2025-49214
HIGH
CVSS 8.8
Post-authentication insecure deserialization vulnerability in Trend Micro Endpoint Encryption PolicyServer that allows remote code execution with high impact on confidentiality, integrity, and availability. While the CVSS score of 8.8 is significant, exploitation requires prior low-privileged code execution on the target system, substantially reducing real-world attack surface compared to unauthenticated network exploits. The vulnerability affects Trend Micro Endpoint Encryption installations and should be prioritized based on organizational exposure to this specific product line and internal threat modeling of low-privileged account compromise scenarios.
Deserialization
RCE
Trendmicro
Privilege Escalation
Trend Micro Endpoint Encryption
-
CVE-2025-49211
HIGH
CVSS 7.7
SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that enables privilege escalation on affected systems. The vulnerability requires an attacker to first obtain low-privileged code execution on the target system, after which SQL injection can be leveraged to escalate privileges and gain high-impact access (confidentiality compromise, integrity violation, availability disruption). With a CVSS score of 7.7 and local attack vector, this poses a significant risk to organizations running vulnerable PolicyServer instances, particularly in multi-user environments or where low-privileged service accounts are present.
SQLi
Trendmicro
Privilege Escalation
Trend Micro Endpoint Encryption
-
CVE-2025-49180
HIGH
CVSS 7.8
CVE-2025-49180 is an integer overflow vulnerability in the RandR (Resize and Rotate) X11 extension's RRChangeProviderProperty function that fails to properly validate input parameters. This allows a local, unprivileged attacker to trigger memory allocation failures or heap corruption, potentially leading to privilege escalation or denial of service on X11-based systems. The vulnerability requires local access and low privileges to exploit, making it a significant risk for multi-user systems and shared computing environments.
Buffer Overflow
Redhat
Suse
-
CVE-2025-49179
HIGH
CVSS 7.3
CVE-2025-49179 is an integer overflow vulnerability in the X Record extension's RecordSanityCheckRegisterClients function that allows authenticated local users to bypass request length validation checks. This flaw enables privilege escalation and potential code execution on affected X11 systems. With a CVSS score of 7.3 and requiring local access with low privileges, this poses a moderate-to-high risk for multi-user systems; exploitation status and POC availability have not been confirmed in public disclosures as of analysis time.
Buffer Overflow
Redhat
Suse
-
CVE-2025-49176
HIGH
CVSS 7.3
CVE-2025-49176 is an integer overflow vulnerability in the X11 Big Requests extension that allows local attackers with low privileges to bypass request size validation by triggering a multiplication-based integer wrap-around, enabling denial of service or potential code execution through oversized X protocol requests. The vulnerability affects X11 server implementations that use the Big Requests extension; while not currently listed in CISA KEV catalog, the 7.3 CVSS score and local attack vector indicate moderate-to-high real-world risk for multi-user systems. No public POC or active exploitation has been confirmed at time of analysis.
Integer Overflow
Denial Of Service
Redhat
Suse
-
CVE-2025-49157
HIGH
CVSS 7.8
Privilege escalation vulnerability in Trend Micro Apex One's Damage Cleanup Engine that exploits improper link following (CWE-269), allowing local attackers with low-privilege code execution to escalate to higher privileges. The vulnerability requires initial code execution on the target system but presents significant risk due to its high CVSS score (7.8) and likely real-world exploitability given the common prevalence of local code execution vectors in enterprise environments.
Privilege Escalation
Trendmicro
Apex One
-
CVE-2025-49156
HIGH
CVSS 7.0
Privilege escalation vulnerability in Trend Micro Apex One's scan engine that exploits improper link handling to allow local attackers to escalate privileges. The vulnerability affects Trend Micro Apex One installations and requires an attacker to first obtain low-privileged code execution on the target system. While no active exploitation in the wild has been confirmed at this time, the CVSS score of 7.0 indicates a high-severity local privilege escalation risk for organizations running vulnerable versions.
Privilege Escalation
Trendmicro
Apex One
-
CVE-2025-49155
HIGH
CVSS 8.8
CVE-2025-49155 is an uncontrolled search path vulnerability in Trend Micro Apex One's Data Loss Prevention (DLP) module that allows unauthenticated remote attackers to inject and execute arbitrary code. The vulnerability requires user interaction (CVSS UI:R) but poses critical risk to organizations deploying Apex One, as successful exploitation grants full system compromise with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation likelihood should be assessed against current threat intelligence for active in-the-wild usage.
RCE
Trendmicro
Code Injection
Path Traversal
Apex One
-
CVE-2025-49154
HIGH
CVSS 8.7
CVE-2025-49154 is an insecure access control vulnerability (CWE-284) in Trend Micro Apex One and Worry-Free Business Security that allows a local attacker with low-privileged code execution to overwrite critical memory-mapped files, potentially compromising system security and stability. With a CVSS score of 8.7 and low attack complexity, this vulnerability poses a significant risk to enterprise security postures, though exploitation requires prior code execution access. No active KEV confirmation or public POC availability is documented in standard vulnerability databases at this time.
Trendmicro
Privilege Escalation
Information Disclosure
Worry Free Business Security
Worry Free Business Security Services
-
CVE-2025-48333
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in WPQuark's eForm WordPress Form Builder plugin that allows unauthenticated attackers to inject malicious scripts into web pages viewed by other users. The vulnerability affects the eForm plugin across unspecified version ranges and can be exploited with user interaction to compromise confidentiality, integrity, and availability. No active KEV designation or confirmed POC availability is documented, but the network-accessible nature and low attack complexity present moderate real-world exploitation risk.
WordPress
XSS
PHP
-
CVE-2025-48274
HIGH
CVSS 7.5
A SQL injection vulnerability in wpjobportal WP Job Portal allows Blind SQL Injection (CVSS 9.3). Critical severity with potential for significant impact on affected systems.
SQLi
-
CVE-2025-48145
HIGH
CVSS 7.1
A cross-site scripting vulnerability in Michal Jaworski Track (CVSS 7.1). High severity vulnerability requiring prompt remediation.
XSS
WordPress
PHP
-
CVE-2025-48118
HIGH
CVSS 8.5
SQL injection vulnerability in WpExperts Hub's Woocommerce Partial Shipment plugin (versions up to 3.2) that allows authenticated attackers with low privileges to execute arbitrary SQL queries. The vulnerability has a CVSS score of 8.5 (High) with network accessibility and low attack complexity, enabling attackers to read sensitive database information and potentially disrupt service availability. The attack requires valid user credentials but no special interaction, making it a significant risk for multi-user WordPress/WooCommerce installations.
WordPress
SQLi
Woocommerce
PHP
-
CVE-2025-47867
HIGH
CVSS 7.5
Local File Inclusion (LFI) vulnerability in Trend Micro Apex Central widgets (versions below 8.0.6955) that allows authenticated attackers to include and execute arbitrary PHP files, achieving remote code execution on affected systems. The vulnerability requires low-level user authentication and moderate attack complexity but carries high impact across confidentiality, integrity, and availability. Active exploitation status and proof-of-concept availability have not been confirmed from the provided data, but the authentication requirement and network accessibility make this a credible threat to deployed Apex Central instances.
PHP
RCE
Trendmicro
Lfi
Apex Central
-
CVE-2025-47865
HIGH
CVSS 7.5
Local File Inclusion (LFI) vulnerability in Trend Micro Apex Central widgets that enables remote code execution (RCE) on affected systems. This vulnerability affects Trend Micro Apex Central installations below version 8.0.6955 and requires an authenticated attacker with low privileges to exploit. The vulnerability combines LFI with RCE capabilities, representing a significant threat to organizations using vulnerable Apex Central deployments.
RCE
Trendmicro
Lfi
Apex Central
-
CVE-2025-47572
HIGH
CVSS 7.5
A security vulnerability in mojoomla School Management allows PHP Local File Inclusion (CVSS 7.5). High severity vulnerability requiring prompt remediation.
PHP
Information Disclosure
Joomla
-
CVE-2025-41413
HIGH
CVSS 7.8
Fuji Electric Smart Editor contains an out-of-bounds write vulnerability (CWE-787) that allows local attackers with user-level privileges to execute arbitrary code by crafting malicious input files. The vulnerability affects Smart Editor with a CVSS score of 7.8 (high severity), requiring user interaction (opening a malicious file) but no elevated privileges. Without confirmed KEV, EPSS, or public POC data in the provided intelligence, the real-world exploitation likelihood should be assessed as moderate-to-high given the local attack vector and file-based interaction model typical of engineering software.
Buffer Overflow
RCE
-
CVE-2025-41388
HIGH
CVSS 7.8
Stack-based buffer overflow vulnerability in Fuji Electric Smart Editor that allows unauthenticated local attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. The vulnerability requires user interaction (opening a malicious file) but does not require elevated privileges. While the CVSS score of 7.8 reflects high severity, real-world risk depends on KEV status, EPSS score, and public exploit availability, which are not provided in the source data.
Buffer Overflow
RCE
-
CVE-2025-39508
HIGH
CVSS 7.1
Reflected Cross-Site Scripting (XSS) vulnerability in NasaTheme Nasa Core versions up to 6.3.2 that allows unauthenticated attackers to inject arbitrary JavaScript code into web pages viewed by other users. The vulnerability affects the Nasa Core component through improper input neutralization during web page generation, enabling attackers to steal session cookies, perform actions on behalf of users, or distribute malware. With a CVSS score of 7.1 and low attack complexity, this vulnerability poses a moderate-to-high risk to affected installations, particularly if the affected theme is actively deployed in production environments.
XSS
-
CVE-2025-39486
HIGH
CVSS 8.5
SQL Injection vulnerability in ValvePress Rankie that allows authenticated attackers to execute arbitrary SQL queries, potentially leading to unauthorized data disclosure and service degradation. The vulnerability affects Rankie across unspecified version ranges and requires valid user credentials to exploit. While the CVSS score of 8.5 indicates high severity, real-world exploitation risk depends on whether public proof-of-concept code exists and the prevalence of Rankie deployments in production environments.
SQLi
-
CVE-2025-33122
HIGH
CVSS 7.5
A privilege escalation vulnerability (CVSS 7.5) that allows a user. High severity vulnerability requiring prompt remediation.
IBM
Privilege Escalation
-
CVE-2025-32549
HIGH
CVSS 7.5
A security vulnerability in mojoomla WPGYM allows PHP Local File Inclusion (CVSS 7.5). High severity vulnerability requiring prompt remediation.
PHP
Information Disclosure
Joomla
-
CVE-2025-32412
HIGH
CVSS 7.8
CVE-2025-32412 is an out-of-bounds read vulnerability in Fuji Electric Smart Editor that permits arbitrary code execution through a local attack vector requiring user interaction. The vulnerability affects Fuji Electric Smart Editor across affected versions and is classified as high-severity with a CVSS score of 7.8. While no KEV or active exploitation is confirmed in the provided data, the local attack vector combined with user interaction requirement and high impact (confidentiality, integrity, availability) makes this a significant concern for organizations using this industrial automation software.
Buffer Overflow
RCE
-
CVE-2025-30988
HIGH
CVSS 7.1
Stored Cross-Site Scripting (XSS) vulnerability in CreativeMedia Elite Video Player versions up to 10.0.5 that allows unauthenticated attackers to inject and persist malicious scripts through the web page generation process. An attacker can craft a malicious input that gets stored in the application and executed in the browsers of other users who view the affected page, potentially leading to session hijacking, credential theft, or malware distribution. The vulnerability requires user interaction (UI:R) but has a network attack vector with no authentication required, making it a moderate-to-high priority threat depending on deployment context.
XSS
-
CVE-2025-30680
HIGH
CVSS 7.1
Server-Side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central SaaS that allows authenticated attackers to manipulate parameters and disclose sensitive information from affected installations. The vulnerability affects only the SaaS deployment model of Apex Central; SaaS customers receiving automatic monthly maintenance updates are not impacted. While no public exploit or KEV status is indicated, the CVSS 7.1 score and information disclosure capability present moderate risk for organizations with manual SaaS deployments or on-premises installations.
Information Disclosure
SSRF
Trendmicro
Apex Central
-
CVE-2025-30641
HIGH
CVSS 7.8
Link following (symlink) vulnerability in Trend Micro Deep Security 20.0 agent's anti-malware component that enables local privilege escalation. An attacker with low-privileged code execution can exploit this to gain elevated system privileges (confidentiality, integrity, and availability impact). While no public exploit or active exploitation in the wild has been confirmed, the CVSS 7.8 score and low attack complexity indicate this poses a significant risk to organizations running vulnerable versions.
Privilege Escalation
Trendmicro
Deep Security Agent
-
CVE-2025-30640
HIGH
CVSS 7.8
Link following vulnerability (symlink attack) in Trend Micro Deep Security 20.0 agents that enables local privilege escalation on affected systems. An attacker with low-privileged code execution capability can exploit this flaw to gain high-level system access. The vulnerability has a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability; KEV and POC status are not confirmed in available data, but the low attack complexity and low privilege requirement indicate moderate real-world risk once initial code execution is obtained.
Privilege Escalation
Trendmicro
Path Traversal
Deep Security Agent
-
CVE-2025-30562
HIGH
CVSS 8.5
A blind SQL injection vulnerability exists in wpdistillery Navigation Tree Elementor plugin (versions up to 1.0.1) that allows authenticated users to extract sensitive database information through specially crafted input. The vulnerability requires user authentication but operates over the network with low attack complexity, enabling attackers with WordPress user accounts to enumerate and exfiltrate data without direct visibility of query results. No publicly disclosed proof-of-concept or active exploitation in KEV has been confirmed at this time, though the 8.5 CVSS score and SQL injection nature warrant immediate patching.
SQLi
WordPress
PHP
-
CVE-2025-29002
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in snstheme Simen versions through 4.6 that allows unauthenticated remote attackers to include and execute arbitrary local files via improper control of filename parameters in PHP include/require statements. With a CVSS score of 8.1 and network-based attack vector, this vulnerability enables confidentiality, integrity, and availability compromise; however, the high attack complexity suggests exploitation requires specific conditions or knowledge of the target environment.
PHP
Lfi
RCE
-
CVE-2025-28991
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in the snstheme Evon WordPress theme (versions up to 3.4) that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. An attacker can exploit this via a network attack with high complexity to achieve arbitrary code execution, data exfiltration, and system compromise. The vulnerability stems from improper input validation on filename parameters passed to PHP include/require statements.
PHP
Information Disclosure
-
CVE-2025-28972
HIGH
CVSS 7.6
Blind SQL Injection vulnerability in Suhas Surse WP Employee Attendance System affecting versions through 3.5, allowing authenticated attackers with high privileges to extract sensitive database information. While the CVSS score of 7.6 indicates moderate-to-high severity, the attack requires administrator-level credentials and the confidentiality impact is high; however, integrity and availability impacts are limited. No current KEV designation or widespread public POC availability has been reported, though the vulnerability's nature as SQL injection makes exploitation theoretically straightforward for skilled attackers.
SQLi
WordPress
PHP
Tenda
-
CVE-2025-24761
HIGH
CVSS 8.1
PHP Local File Inclusion (LFI) vulnerability in the snstheme DSK WordPress theme (versions up to 2.2) that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability stems from improper input validation on filename parameters in PHP include/require statements, potentially enabling attackers to read sensitive files, execute code, or compromise the entire WordPress installation. This is a high-severity issue (CVSS 8.1) affecting a popular theme, though real-world exploitation requires moderate attack complexity (AC:H).
PHP
Information Disclosure
-
CVE-2025-6165
HIGH
CVSS 8.8
Critical buffer overflow vulnerability in TOTOLINK X15 firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST request handler in the /boafrm/formTmultiAP endpoint. An authenticated remote attacker can exploit this vulnerability by manipulating the 'submit-url' parameter to achieve buffer overflow, resulting in complete compromise of the router (data theft, modification, and denial of service). Public exploit code is available and the vulnerability meets the profile of actively exploitable threats.
Buffer Overflow
TP-Link
RCE
X15 Firmware
TOTOLINK
-
CVE-2025-6164
HIGH
CVSS 8.8
Critical buffer overflow vulnerability in TOTOLINK A3002R router firmware version 4.0.0-B20230531.1404, affecting the HTTP POST request handler in the /boafrm/formMultiAP endpoint. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, increasing real-world exploitation risk.
Buffer Overflow
TP-Link
A3002r Firmware
TOTOLINK
-
CVE-2025-6163
HIGH
CVSS 8.8
Critical buffer overflow vulnerability in TOTOLINK A3002RU routers (version 3.0.0-B20230809.1615 and potentially others) affecting the HTTP POST request handler at endpoint /boafrm/formMultiAP. An authenticated attacker can exploit this via a malicious 'submit-url' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists and the vulnerability is actively exploitable.
Buffer Overflow
TP-Link
RCE
A3002ru Firmware
TOTOLINK
-
CVE-2025-6162
HIGH
CVSS 8.8
A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.
Buffer Overflow
TP-Link
RCE
Ex1200t Firmware
TOTOLINK
-
CVE-2025-6161
HIGH
CVSS 7.3
A remote code execution vulnerability (CVSS 7.3). Risk factors: public PoC available.
PHP
File Upload
Simple Food Ordering System
-
CVE-2025-6160
HIGH
CVSS 7.3
A critical SQL injection vulnerability exists in SourceCodester Client Database Management System version 1.0 affecting the /user_customer_create_order.php file, where the user_id parameter is inadequately sanitized. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion. Public disclosure and proof-of-concept availability elevate exploitation risk, though the CVSS 7.3 rating indicates moderate real-world impact rather than critical severity.
PHP
SQLi
Downloading Client Database Management System
-
CVE-2025-6159
HIGH
CVSS 7.3
Critical SQL injection vulnerability in code-projects Hostel Management System version 1.0, specifically in the /allocate_room.php file's 'search_box' parameter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, and system disruption. The vulnerability has been publicly disclosed with proof-of-concept code available, making it actively exploitable in the wild.
PHP
SQLi
Hostel Management System
-
CVE-2025-6158
HIGH
CVSS 8.8
Critical stack-based buffer overflow vulnerability in the HTTP POST request handler (function sub_AC78) of D-Link DIR-665 firmware version 1.00, exploitable remotely by authenticated attackers. The vulnerability allows remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public exploit code is available and the affected product line is no longer maintained by D-Link, significantly elevating real-world risk despite requiring low-privilege authentication.
Buffer Overflow
D-Link
RCE
Dir 655 Firmware
-
CVE-2025-6157
HIGH
CVSS 7.3
Critical SQL injection vulnerability in PHPGurukul Nipah Virus Testing Management System version 1.0, located in the /registered-user-testing.php file where the 'testtype' parameter is improperly sanitized. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially compromising data confidentiality, integrity, and availability. The vulnerability has been publicly disclosed with proof-of-concept code available, presenting immediate exploitation risk in production environments.
PHP
SQLi
Nipah Virus Testing Management System
-
CVE-2025-6155
HIGH
CVSS 7.3
Critical SQL injection vulnerability in PHPGurukul Hostel Management System 1.0 affecting the login functionality (/includes/login-hm.inc.php). An unauthenticated attacker can manipulate the Username parameter to execute arbitrary SQL queries remotely, potentially compromising data confidentiality, integrity, and availability. Public exploit disclosure and active exploitation potential significantly elevate real-world risk despite a moderate CVSS score of 7.3.
PHP
SQLi
Hostel Management System
-
CVE-2025-6154
HIGH
CVSS 7.3
A SQL injection vulnerability (CVSS 7.3). Risk factors: public PoC available.
PHP
SQLi
Hostel Management System
-
CVE-2025-6153
HIGH
CVSS 7.3
A SQL injection vulnerability (CVSS 7.3). Risk factors: public PoC available.
PHP
SQLi
Hostel Management System
-
CVE-2025-6151
HIGH
CVSS 8.2
Buffer overflow vulnerability in TP-Link TL-WR940N V4 and TL-WR841N V11 routers, exploitable remotely through the /userRpm/WanSlaacCfgRpm.htm endpoint. An attacker with high privileges can trigger memory corruption leading to availability impact (denial of service) or potential system compromise. This vulnerability affects end-of-life products no longer receiving vendor support, significantly limiting remediation options.
Buffer Overflow
TP-Link
Tl Wr940n Firmware
-
CVE-2025-6150
HIGH
CVSS 8.8
Critical remote buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formMultiAP endpoint. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter to achieve complete system compromise including confidentiality, integrity, and availability breaches. A public proof-of-concept exists and the vulnerability is actively exploitable without user interaction.
Buffer Overflow
TP-Link
RCE
X15 Firmware
TOTOLINK
-
CVE-2025-6149
HIGH
CVSS 8.8
Critical buffer overflow vulnerability in TOTOLINK A3002R firmware version 4.0.0-B20230531.1404 affecting the HTTP POST request handler for the /boafrm/formSysLog endpoint. An authenticated attacker can exploit the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with high confidentiality, integrity, and availability impact. The vulnerability has public exploit code available and represents an active threat to deployed devices.
Buffer Overflow
TP-Link
A3002r Firmware
TOTOLINK
-
CVE-2025-6148
HIGH
CVSS 8.8
Critical remote buffer overflow vulnerability in TOTOLINK A3002RU firmware version 3.0.0-B20230809.1615 affecting the HTTP POST request handler for the /boafrm/formSysLog endpoint. An authenticated attacker can exploit this via manipulation of the submit-url parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. The vulnerability has public exploit disclosure and represents an active threat to deployed devices.
Buffer Overflow
TP-Link
RCE
A3002ru Firmware
TOTOLINK
-
CVE-2025-6147
HIGH
CVSS 8.8
Critical buffer overflow vulnerability in TOTOLINK A702R router firmware (version 4.0.0-B20230721.1521) affecting the HTTP POST request handler for the /boafrm/formSysLog endpoint. An authenticated attacker can exploit this vulnerability remotely by manipulating the submit-url parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, significantly elevating real-world exploitation risk.
Buffer Overflow
TP-Link
Remote Code Execution
A702r Firmware
TOTOLINK
-
CVE-2025-6146
HIGH
CVSS 8.8
A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.
Buffer Overflow
TP-Link
X15 Firmware
TOTOLINK
-
CVE-2025-6020
HIGH
CVSS 7.8
A privilege escalation vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.
Path Traversal
Redhat
Suse
-
CVE-2025-5349
HIGH
CVSS 8.8
Improper access control vulnerability in NetScaler ADC and NetScaler Gateway management interfaces that allows unauthenticated attackers on the adjacent network to gain high-impact unauthorized access (confidentiality, integrity, and availability compromise) without requiring user interaction. This is a critical flaw affecting widely-deployed Citrix infrastructure used by enterprises for application delivery and remote access, with its CVSS score of 8.8 reflecting the severity of direct control plane compromise.
Citrix
Information Disclosure
Netscaler Gateway
Netscaler Application Delivery Controller
-
CVE-2025-4879
HIGH
CVSS 7.8
Local privilege escalation vulnerability in Citrix Workspace app for Windows that allows low-privileged users to gain SYSTEM-level privileges through an improper privilege management flaw (CWE-269). The vulnerability has a CVSS score of 7.8 (High) with low attack complexity and no user interaction required, making it a significant local threat. Status of KEV inclusion, active exploitation, and proof-of-concept availability cannot be confirmed from provided data, but the combination of high CVSS and local attack vector suggests meaningful real-world risk for organizations running Citrix Workspace on Windows endpoints.
Privilege Escalation
Citrix
Windows
Workspace
-
CVE-2025-4365
HIGH
CVSS 7.5
CVE-2025-4365 is an arbitrary file read vulnerability affecting Citrix NetScaler Console and NetScaler SDX (SVM) that allows unauthenticated remote attackers to read sensitive files from affected systems. The vulnerability has a CVSS score of 7.5 (high severity) with a network-accessible attack vector requiring no authentication or user interaction. While specific KEV and EPSS data were not provided in the intelligence sources, the combination of high CVSS, unauthenticated access, and file disclosure capability indicates this requires prompt remediation.
Citrix
Information Disclosure
Path Traversal
Netscaler Console
Netscaler Sdx
-
CVE-2025-3774
HIGH
CVSS 7.2
The Wise Chat WordPress plugin versions up to 3.3.4 contains a Stored Cross-Site Scripting (XSS) vulnerability in the X-Forwarded-For header processing that allows unauthenticated attackers to inject malicious scripts without user interaction. When vulnerable pages are accessed by site visitors, the injected scripts execute in their browsers, potentially enabling credential theft, session hijacking, or malware distribution. This vulnerability has a CVSS score of 7.2 (High) and affects all publicly-facing WordPress installations running the affected plugin versions.
WordPress
XSS
PHP
-
CVE-2025-3515
HIGH
CVSS 8.1
The Drag and Drop Multiple File Upload for Contact Form 7 WordPress plugin (versions ≤1.3.8.9) contains an unrestricted file upload vulnerability allowing unauthenticated attackers to bypass file type blacklists and upload dangerous file extensions (.phar, etc.). On servers configured to execute .phar files as PHP (common in default Apache+mod_php setups), this enables remote code execution with high impact to confidentiality, integrity, and availability (CVSS 8.1). While KEV and EPSS data are not provided, the vulnerability is actively exploitable given its public disclosure and network-accessible attack vector.
WordPress
PHP
RCE
Code Injection
Drag And Drop Multiple File Upload Contact Form 7
-
CVE-2025-0320
HIGH
CVSS 7.8
Local privilege escalation vulnerability in Citrix Secure Access Client for Windows that allows an authenticated, low-privileged user to escalate their privileges to SYSTEM level without user interaction. The vulnerability affects the Citrix Secure Access Client application on Windows systems and represents a critical threat to enterprise environments where this client is deployed, as successful exploitation grants complete system control. The CVSS 7.8 score and confirmed local attack vector indicate this is a material risk for any organization using this software, though exploitation requires prior local access to an affected system.
Privilege Escalation
Citrix
Windows
Secure Access Client
-
CVE-2025-49882
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emraan Cheema CubeWP Framework allows DOM-Based XSS. This issue affects CubeWP Framework: from n/a through 1.1.23.
XSS
-
CVE-2025-49881
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks allows Stored XSS. This issue affects Responsive Blocks: from n/a through 2.0.5.
XSS
-
CVE-2025-49880
MEDIUM
CVSS 4.3
Missing Authorization vulnerability in Emraan Cheema CubeWP Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CubeWP Forms: from n/a through 1.1.5.
Authentication Bypass
-
CVE-2025-49878
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts allows DOM-Based XSS. This issue affects WPAdverts: from n/a through 2.2.4.
XSS
-
CVE-2025-49877
MEDIUM
CVSS 4.9
Server-Side Request Forgery (SSRF) vulnerability in Metagauss ProfileGrid allows Server Side Request Forgery. This issue affects ProfileGrid: from n/a through 5.9.5.2.
SSRF
-
CVE-2025-49875
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IfSo Dynamic Content If-So Dynamic Content Personalization allows Stored XSS. This issue affects If-So Dynamic Content Personalization: from n/a through 1.9.3.1.
XSS
-
CVE-2025-49874
MEDIUM
CVSS 4.3
Missing Authorization vulnerability in tychesoftwares Arconix FAQ (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
Authentication Bypass
-
CVE-2025-49872
MEDIUM
CVSS 5.3
Missing Authorization vulnerability in WPExperts.io myCred allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects myCred: from n/a through 2.9.4.2.
Authentication Bypass
-
CVE-2025-49871
MEDIUM
CVSS 5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Mutende Noptin allows Stored XSS. This issue affects Noptin: from n/a through 3.8.7.
XSS
-
CVE-2025-49868
MEDIUM
CVSS 4.7
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FunnelKit Automation By Autonami allows Phishing. This issue affects Automation By Autonami: from n/a through 3.6.0.
Open Redirect
-
CVE-2025-49865
MEDIUM
CVSS 4.3
Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross Site Request Forgery. This issue affects Advanced Settings: from n/a through 3.0.1.
CSRF
-
CVE-2025-49864
MEDIUM
CVSS 5.3
Missing Authorization vulnerability in AFS Analytics AFS Analytics allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects AFS Analytics: from n/a through 4.21.
Authentication Bypass
-
CVE-2025-49863
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Stored XSS. This issue affects Advanced Sermons: from n/a through 3.6.
XSS
-
CVE-2025-49862
MEDIUM
CVSS 5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in motov.net Ebook Store allows Stored XSS. This issue affects Ebook Store: from n/a through 5.8008.
XSS
-
CVE-2025-49861
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timur Kamaev Kama Click Counter allows Stored XSS. This issue affects Kama Click Counter: from n/a through 4.0.3.
XSS
-
CVE-2025-49859
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in etruel WP Views Counter allows Stored XSS. This issue affects WP Views Counter: from n/a through 2.0.3.
XSS
-
CVE-2025-49858
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tychesoftwares Arconix Shortcodes allows Stored XSS. This issue affects Arconix Shortcodes: from n/a through 2.1.17.
XSS
-
CVE-2025-49857
MEDIUM
CVSS 4.3
Missing Authorization vulnerability in WPExperts.io myCred allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects myCred: from n/a through 2.9.4.2.
Authentication Bypass
-
CVE-2025-49856
MEDIUM
CVSS 4.3
Cross-Site Request Forgery (CSRF) vulnerability in CyberChimps Responsive Plus allows Cross Site Request Forgery. This issue affects Responsive Plus: from n/a through 3.2.2.
CSRF
-
CVE-2025-49855
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meks Meks Flexible Shortcodes allows DOM-Based XSS. This issue affects Meks Flexible Shortcodes: from n/a through 1.3.7.
XSS
-
CVE-2025-49593
MEDIUM
CVSS 6.8
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. Prior to STS version 2.31.0 and LTS version 2.27.7, if a Portainer administrator can be convinced to register a malicious container registry, or an existing container registry can be taken over, HTTP Headers (including registry authentication credentials or Portainer session tokens) may be leaked to that registry. This issue has been patched in STS version 2.31.0 and LTS version 2.27.7.
Information Disclosure
Kubernetes
Docker
-
CVE-2025-49487
MEDIUM
CVSS 6.8
An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an attacker with physical access to a machine to execute arbitrary code on affected installations.
An attacker must have had physical access to the target system in order to exploit this vulnerability, due to the need to access a certain hardware component.
Also note: this vulnerability affected only the SaaS client version of WFBSS, meaning the on-premise version of Worry-Free Business Security was not affected, and this issue was addressed in a previous WFBSS monthly maintenance update. Therefore, no other customer action is required to mitigate if the WFBSS agents are on the regular SaaS maintenance deployment schedule, and this disclosure is for informational purposes only.
RCE
Worry Free Business Security Services
-
CVE-2025-49234
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Deepak anand WP Dummy Content Generator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Dummy Content Generator: from n/a through 3.4.6.
Authentication Bypass
-
CVE-2025-49178
MEDIUM
CVSS 5.5
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.
Denial Of Service
Ubuntu
Debian
Redhat
Suse
-
CVE-2025-49177
MEDIUM
CVSS 6.1
A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.
Information Disclosure
Ubuntu
Debian
Redhat
Suse
-
CVE-2025-49175
MEDIUM
CVSS 6.1
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.
Buffer Overflow
Information Disclosure
Ubuntu
Debian
Redhat
-
CVE-2025-49158
MEDIUM
CVSS 6.7
An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Privilege Escalation
Apex One
-
CVE-2025-49149
MEDIUM
CVSS 6.1
Dify is an open-source LLM app development platform. In version 1.2.0, there is insufficient filtering of user input by web applications. Attackers can use website vulnerabilities to inject malicious script code into web pages. This may result in a cross-site scripting (XSS) attack when a user browses these web pages. At time of posting, there is no known patched version.
XSS
Dify
-
CVE-2025-48993
MEDIUM
CVSS 6.1
Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a malicious JavaScript payload can be executed via the Look and Feel formatting fields. Any user can update their Look and Feel Formatting input fields, but the web application does not sanitize their input. This could result in a reflected cross-site scripting (XSS) attack. This issue has been patched in versions 6.8.123 and 25.0.27.
Microsoft
XSS
Group Office
-
CVE-2025-48443
MEDIUM
CVSS 6.7
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager.
Privilege Escalation
Password Manager
-
CVE-2025-48111
MEDIUM
CVSS 4.3
Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH PayPal Express Checkout for WooCommerce allows Cross Site Request Forgery. This issue affects YITH PayPal Express Checkout for WooCommerce: from n/a through 1.49.0.
WordPress
CSRF
PHP
-
CVE-2025-47866
MEDIUM
CVSS 4.3
An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations.
File Upload
Apex Central
-
CVE-2025-45880
MEDIUM
CVSS 6.1
A cross-site scripting (XSS) vulnerability in the data resource management function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload.
XSS
Amygdala
-
CVE-2025-45879
MEDIUM
CVSS 6.1
A cross-site scripting (XSS) vulnerability in the e-mail manager function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload.
XSS
Amygdala
-
CVE-2025-45878
MEDIUM
CVSS 6.1
A cross-site scripting (XSS) vulnerability in the report manager function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload.
XSS
Amygdala
-
CVE-2025-40674
MEDIUM
CVSS 5.1
Reflected Cross-Site Scripting (XSS) in osCommerce v4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the name of any parameter in /watch/en/about-us. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
XSS
-
CVE-2025-34508
MEDIUM
CVSS 6.3
A path traversal vulnerability exists in the file dropoff functionality of ZendTo versions 6.15-7 and prior. This could allow a remote, authenticated attacker to retrieve the files of other ZendTo users, retrieve files on the host system, or cause a denial of service.
Denial Of Service
Path Traversal
-
CVE-2025-30679
MEDIUM
CVSS 6.5
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.
Information Disclosure
SSRF
Apex Central
-
CVE-2025-30678
MEDIUM
CVSS 6.5
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.
Information Disclosure
SSRF
Apex Central
-
CVE-2025-30642
MEDIUM
CVSS 5.5
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Denial Of Service
Deep Security Agent
-
CVE-2025-6196
MEDIUM
CVSS 5.5
A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like Tumbler, which may process malicious files automatically when browsing directories. While no direct remote attack vectors are confirmed, any application using libgepub to parse user-supplied EPUB content could be vulnerable to a denial of service.
Denial Of Service
Integer Overflow
Ubuntu
Debian
Libgepub
-
CVE-2025-6173
MEDIUM
CVSS 4.7
A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_products_list.php. The manipulation of the argument packItself leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this flaw but considers it a low-level issue due to admin privilege prerequisites. Still, a fix is planned for a future release.
PHP
SQLi
Qloapps
-
CVE-2025-6167
MEDIUM
CVSS 5.5
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function create_workflow of the file python_a2a/agent_flow/server/api.py. The manipulation leads to path traversal. Upgrading to version 0.5.6 is able to address this issue. It is recommended to upgrade the affected component.
Python
Path Traversal
Python A2a
-
CVE-2025-6156
MEDIUM
CVSS 6.3
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-ds.php. The manipulation of the argument testtype leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
PHP
SQLi
Nipah Virus Testing Management System
-
CVE-2025-6152
MEDIUM
CVSS 6.3
A vulnerability, which was classified as critical, was found in Steel Browser up to 0.1.3. This affects the function handleFileUpload of the file api/src/modules/files/files.routes.ts. The manipulation of the argument filename leads to path traversal. It is possible to initiate the attack remotely. The patch is named 7ba93a10000fb77ee01731478ef40551a27bd5b9. It is recommended to apply a patch to fix this issue.
Path Traversal
Browser
-
CVE-2025-6069
MEDIUM
CVSS 4.3
CVE-2025-6069 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
Denial Of Service
Debian
Ubuntu
Redhat
Suse
-
CVE-2025-6050
MEDIUM
CVSS 4.8
Mezzanine CMS, in versions prior to 6.1.1, contains a Stored Cross-Site Scripting (XSS) vulnerability in the admin interface. The vulnerability exists in the "displayable_links_js" function, which fails to properly sanitize blog post titles before including them in JSON responses served via "/admin/displayable_links.js". An authenticated admin user can create a blog post with a malicious JavaScript payload in the title field, then trick another admin user into clicking a direct link to the "/admin/displayable_links.js" endpoint, causing the malicious script to execute in their browser.
XSS
Mezzanine
-
CVE-2025-5700
MEDIUM
CVSS 6.4
The Simple Logo Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
WordPress
XSS
PHP
-
CVE-2025-5673
MEDIUM
CVSS 6.5
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the ‘prgSortPostType’ parameter in all versions up to, and including, 8.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
WordPress
SQLi
PHP
-
CVE-2025-5291
MEDIUM
CVSS 6.4
The Master Slider - Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's masterslider_pb and ms_slide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
WordPress
XSS
Master Slider
PHP
-
CVE-2025-5209
MEDIUM
CVSS 4.8
The Ivory Search WordPress plugin before 5.5.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
WordPress
XSS
Ivory Search
PHP
-
CVE-2025-5141
MEDIUM
CVSS 5.5
CVE-2025-5141 is a security vulnerability (CVSS 5.5) that allows low privilege local users. Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-4775
MEDIUM
CVSS 6.4
The WordPress Infinite Scroll - Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-button-label HTML attribute in all versions up to, and including, 7.4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
WordPress
XSS
PHP
-
CVE-2025-3880
MEDIUM
CVSS 4.3
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured capability check on several functions in all versions up to, and including, 19.9.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to change the email address for the account connection, and disconnect the plugin. Previously created content will still be displayed and functional if the account is disconnected.
WordPress
Authentication Bypass
PHP
-
CVE-2024-40570
MEDIUM
CVSS 6.5
SQL Injection vulnerability in SeaCMS v.12.9 allows a remote attacker to obtain sensitive information via the admin_datarelate.php component.
PHP
SQLi
Seacms
-
CVE-2025-52445
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52444
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52443
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52442
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52441
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52440
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52439
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52438
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-52437
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-49843
LOW
CVSS 2.7
conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travis_headers function in the conda-smithy repository creates files with permissions exceeding 0o600, allowing read and write access beyond the intended user/owner. This violates the principle of least privilege, which mandates restricting file permissions to the minimum necessary. An attacker could exploit this to access configuration files in shared hosting environments. This issue has been patched in version 3.47.1.
Privilege Escalation
-
CVE-2025-49842
LOW
CVSS 1.0
conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. Prior to version 2025.3.24, the conda_forge_webservice Docker container executes commands without specifying a user. By default, Docker containers run as the root user, which increases the risk of privilege escalation and host compromise if a vulnerability is exploited. This issue has been patched in version 2025.3.24.
Privilege Escalation
Docker
-
CVE-2025-49824
LOW
CVSS 1.7
conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travis_encrypt_binstar_token implementation in the conda-smithy package has been identified as vulnerable to an Oracle Padding Attack. This vulnerability results from the use of an outdated and insecure padding scheme during RSA encryption. A malicious actor with access to an oracle system can exploit this flaw by iteratively submitting modified ciphertexts and analyzing responses to infer the plaintext without possessing the private key. This issue has been patched in version 3.47.1.
Oracle
Information Disclosure
-
CVE-2025-49823
NONE
(conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs with user privileges (not root), an attacker could exploit this by injecting arbitrary commands through a malicious path during installation. Exploitation requires explicit user action. This issue has been patched in version 3.11.3.
Command Injection
-
CVE-2025-45526
LOW
CVSS 2.9
A denial of service (DoS) vulnerability has been identified in the JavaScript library microlight version 0.0.7. This library, used for syntax highlighting, does not limit the size of textual content it processes in HTML elements with the microlight class. When excessively large content (e.g., 100 million characters) is processed, the reset function in microlight.js consumes excessive memory and CPU resources, causing browser crashes or unresponsiveness. An attacker can exploit this vulnerability by tricking a user into visiting a malicious web page containing a microlight element with large content, resulting in a denial of service. NOTE: this is disputed by multiple parties because a large amount of memory and CPU resources is expected to be needed for content of that size.
Denial Of Service
-
CVE-2025-45525
LOW
CVSS 2.9
A NULL pointer dereference vulnerability has been identified in the JavaScript library microlight version 0.0.7, a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before accessing its properties, leading to an uncaught TypeError and potential application crash. NOTE: this is disputed by multiple parties because there is no common scenario in which an adversary can insert those non-standard values.
Null Pointer Dereference
Denial Of Service
-
CVE-2025-6199
LOW
CVSS 3.3
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image.
Information Disclosure
Ubuntu
Debian
-
CVE-2025-6166
LOW
CVSS 3.5
A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation of the argument path leads to path traversal. Upgrading to version 0.8.4.1 is able to address this issue. The identifier of the patch is 5db74202d632306a883ccce7339c5bdba0d16c5a. It is recommended to upgrade the affected component.
Python
Path Traversal
-
CVE-2025-4754
LOW
CVSS 2.3
A security vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking (CVSS 2.3). Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-3494
None
Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue. No vendor patch available.
Information Disclosure
-
CVE-2025-3493
None
Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue. No vendor patch available.
Information Disclosure
-
CVE-2024-45380
None
Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024. No vendor patch available.
Information Disclosure
-
CVE-2024-45069
None
Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024. No vendor patch available.
Information Disclosure
-
CVE-2024-45065
None
Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024. No vendor patch available.
Information Disclosure
-
CVE-2024-43422
None
Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024. No vendor patch available.
Information Disclosure
-
CVE-2024-21856
LOW
CVSS -1.0
Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024. Rated low severity (CVSS -1.0). No vendor patch available.
Information Disclosure