Skip to main content
CVE-2025-24773 CRITICAL Act Now

Critical SQL injection vulnerability in the WPCRM plugin (versions up to 3.2.0) for WordPress, affecting deployments integrating Contact Form 7 and WooCommerce. An unauthenticated remote attacker can execute arbitrary SQL commands with high confidence (CVSS 9.3, EPSS score likely elevated) to extract sensitive customer relationship and transaction data, though direct data modification and system availability impacts are limited. Immediate patching is strongly recommended for all affected installations.

WordPress SQLi
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2025-48274 CRITICAL Act Now

A SQL injection vulnerability in wpjobportal WP Job Portal allows Blind SQL Injection (CVSS 9.3). Critical severity with potential for significant impact on affected systems.

SQLi
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2025-4404 CRITICAL PATCH Act Now

Critical privilege escalation vulnerability in FreeIPA that allows authenticated users with high privileges to create Kerberos services with the same canonical name (krbCanonicalName) as the realm administrator, enabling them to obtain administrative credentials. The vulnerability affects FreeIPA default configurations where uniqueness validation is not enforced, allowing attackers to retrieve Kerberos tickets with admin@REALM credentials and perform unrestricted administrative operations. With a CVSS 9.1 score and network-accessible attack vector, this represents a severe threat to FreeIPA-based identity infrastructures, particularly in environments where service creation permissions are delegated or insufficiently restricted.

Privilege Escalation Information Disclosure Canonical
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-49847 HIGH PATCH This Week

A buffer overflow vulnerability in llama.cpp (CVSS 8.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Buffer Overflow RCE Llama.Cpp Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-49155 HIGH PATCH This Week

CVE-2025-49155 is an uncontrolled search path vulnerability in Trend Micro Apex One's Data Loss Prevention (DLP) module that allows unauthenticated remote attackers to inject and execute arbitrary code. The vulnerability requires user interaction (CVSS UI:R) but poses critical risk to organizations deploying Apex One, as successful exploitation grants full system compromise with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation likelihood should be assessed against current threat intelligence for active in-the-wild usage.

RCE Trend Micro Code Injection Path Traversal Apex One
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-49215 HIGH PATCH This Week

Post-authentication SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that enables authenticated attackers to escalate privileges and achieve full system compromise (confidentiality, integrity, and availability impact). The vulnerability requires an attacker to first obtain low-privileged code execution on the target system before exploiting the SQL injection to escalate to administrative privileges. With a CVSS score of 8.8 and network accessibility, this represents a significant risk to organizations running vulnerable PolicyServer instances, particularly in environments where initial compromise vectors (phishing, lateral movement, supply chain) are plausible.

SQLi Trend Micro Privilege Escalation Trend Micro Endpoint Encryption
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-5209 MEDIUM POC PATCH This Month

The Ivory Search WordPress plugin before 5.5.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

WordPress XSS Ivory Search PHP
NVD WPScan
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-6050 MEDIUM POC PATCH This Month

Mezzanine CMS, in versions prior to 6.1.1, contains a Stored Cross-Site Scripting (XSS) vulnerability in the admin interface. The vulnerability exists in the "displayable_links_js" function, which fails to properly sanitize blog post titles before including them in JSON responses served via "/admin/displayable_links.js". An authenticated admin user can create a blog post with a malicious JavaScript payload in the title field, then trick another admin user into clicking a direct link to the "/admin/displayable_links.js" endpoint, causing the malicious script to execute in their browser.

XSS Mezzanine
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-49154 HIGH PATCH This Week

CVE-2025-49154 is an insecure access control vulnerability (CWE-284) in Trend Micro Apex One and Worry-Free Business Security that allows a local attacker with low-privileged code execution to overwrite critical memory-mapped files, potentially compromising system security and stability. With a CVSS score of 8.7 and low attack complexity, this vulnerability poses a significant risk to enterprise security postures, though exploitation requires prior code execution access. No active KEV confirmation or public POC availability is documented in standard vulnerability databases at this time.

Trend Micro Privilege Escalation Information Disclosure Worry Free Business Security Worry Free Business Security Services +1
NVD
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-49879 HIGH This Week

Path traversal vulnerability in themezaa Litho that allows unauthenticated network attackers to cause a denial of service by accessing files outside the intended directory structure. Affected versions range from an unspecified baseline through version 3.0 of the Litho product. The vulnerability has a high CVSS score of 8.6 with a network attack vector and no authentication requirements, making it easily exploitable by remote attackers.

Path Traversal
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-49415 HIGH This Week

Path traversal vulnerability in Fastw3b LLC FW Gallery (versions through 8.0.0) that allows unauthenticated remote attackers to cause denial of service by manipulating file path parameters. The vulnerability has a high CVSS score of 8.6 due to its network accessibility and lack of authentication requirements, though impact is limited to availability rather than confidentiality or integrity. Specific KEV status, EPSS scores, and publicly available POC information cannot be confirmed from the provided data, warranting immediate vendor contact for patch availability and exploitation status.

Path Traversal
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-48118 HIGH This Week

SQL injection vulnerability in WpExperts Hub's Woocommerce Partial Shipment plugin (versions up to 3.2) that allows authenticated attackers with low privileges to execute arbitrary SQL queries. The vulnerability has a CVSS score of 8.5 (High) with network accessibility and low attack complexity, enabling attackers to read sensitive database information and potentially disrupt service availability. The attack requires valid user credentials but no special interaction, making it a significant risk for multi-user WordPress/WooCommerce installations.

WordPress SQLi
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-39486 HIGH PATCH This Week

SQL Injection vulnerability in ValvePress Rankie that allows authenticated attackers to execute arbitrary SQL queries, potentially leading to unauthorized data disclosure and service degradation. The vulnerability affects Rankie across unspecified version ranges and requires valid user credentials to exploit. While the CVSS score of 8.5 indicates high severity, real-world exploitation risk depends on whether public proof-of-concept code exists and the prevalence of Rankie deployments in production environments.

SQLi
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-30562 HIGH This Week

A blind SQL injection vulnerability exists in wpdistillery Navigation Tree Elementor plugin (versions up to 1.0.1) that allows authenticated users to extract sensitive database information through specially crafted input. The vulnerability requires user authentication but operates over the network with low attack complexity, enabling attackers with WordPress user accounts to enumerate and exfiltrate data without direct visibility of query results. No publicly disclosed proof-of-concept or active exploitation in KEV has been confirmed at this time, though the 8.5 CVSS score and SQL injection nature warrant immediate patching.

SQLi
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-49850 HIGH This Week

Heap-based buffer overflow vulnerability in PRJ file parsing that allows local attackers with user interaction to achieve high-impact memory corruption, potentially leading to arbitrary code execution or information disclosure. The vulnerability stems from insufficient validation of user-supplied data within PRJ file structures, enabling attackers to read and write past allocated buffer boundaries. No current KEV status or active exploitation data is available in public records, but the local attack vector and requirement for user interaction (file opening) suggest moderate real-world risk despite the high CVSS score.

Buffer Overflow Heap Overflow Memory Corruption
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-49849 HIGH This Week

CVE-2025-49849 is an out-of-bounds read vulnerability in PRJ file parsing that enables memory corruption through insufficient validation of user-supplied data. The vulnerability affects applications processing PRJ files (commonly associated with project management software) and allows local attackers with user interaction to read and write beyond allocated memory boundaries, potentially leading to information disclosure or code execution. While the CVSS score is moderately high (8.4), real-world exploitability depends on KEV status and active exploitation reports, which are not currently documented in available intelligence.

Buffer Overflow Information Disclosure Memory Corruption
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-49848 HIGH This Week

CVE-2025-49848 is an out-of-bounds write vulnerability in PRJ file parsing that allows unauthenticated local attackers with user interaction to corrupt memory and potentially achieve arbitrary code execution or application crash. The vulnerability stems from insufficient input validation when processing PRJ files, enabling attackers to read and write past allocated buffer boundaries. While no public exploit code or active in-the-wild exploitation has been confirmed at analysis time, the high CVSS score (8.4) and critical impact ratings (confidentiality, integrity, availability all HIGH) indicate this requires prioritized patching.

Buffer Overflow Memory Corruption
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-49508 HIGH PATCH This Week

PHP Local/Remote File Inclusion (LFI/RFI) vulnerability in LoftOcean CozyStay that allows unauthenticated remote attackers to include and execute arbitrary files through improper control of filename parameters in PHP include/require statements. The vulnerability affects CozyStay with a CVSS score of 8.1 (High severity), enabling attackers to read sensitive files, execute arbitrary code, or compromise system integrity without requiring user interaction or authentication.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49261 HIGH This Week

PHP Local/Remote File Inclusion (LFI/RFI) vulnerability in thembay Diza affecting versions through 1.3.8, stemming from improper control of filenames in include/require statements (CWE-98). An unauthenticated network attacker can exploit this with high complexity to achieve arbitrary file inclusion, leading to information disclosure, code execution, or system compromise. The high CVSS score of 8.1 reflects the severity of potential impacts (confidentiality, integrity, and availability), though real-world exploitability depends on PHP configuration and the specific include/require patterns in affected code.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49260 HIGH This Week

A security vulnerability in thembay Aora allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49259 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Hara that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. Affected versions range from an unspecified baseline through version 1.2.10. While the CVSS score of 8.1 is elevated, the attack complexity is rated 'High,' suggesting real-world exploitation requires specific environmental conditions or timing.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49258 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Maia versions up to 1.1.15, caused by improper control of filenames in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this over the network with high complexity to read arbitrary files on the server, potentially leading to code execution, information disclosure, and system compromise. The vulnerability has a CVSS 3.1 score of 8.1 (High severity) with network accessibility and no privilege requirements, though exploitation requires non-standard conditions (AC:H).

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49257 HIGH This Week

A security vulnerability in thembay Zota allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49256 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Sapa that allows unauthenticated remote attackers to include and execute arbitrary PHP files through improper input validation on filename parameters in include/require statements. Affected versions range from an unspecified baseline through version 1.1.14. With a CVSS score of 8.1 and network-accessible attack vector, this vulnerability enables confidentiality, integrity, and availability compromise, though exploitation requires high attack complexity (AC:H) suggesting non-trivial preconditions.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49255 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Ruza versions up to 1.0.7, stemming from improper control of filename parameters in PHP include/require statements. An unauthenticated remote attacker can exploit this vulnerability over the network to read arbitrary files from the server and potentially execute code, achieving high confidentiality, integrity, and availability impact. The CVSS score of 8.1 reflects significant risk, though the attack complexity is marked as high, suggesting exploitation may require specific conditions or user interaction timing.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49254 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Nika theme versions through 1.2.8, caused by improper control of filename parameters in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this vulnerability over the network to read arbitrary files from the server filesystem, potentially leading to information disclosure, code execution, or system compromise. The CVSS score of 8.1 (High) reflects significant confidentiality and integrity impact, though the AC:H (Attack Complexity: High) rating suggests some exploitation difficulty; KEV status and active exploitation data would further clarify immediate risk priority.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49253 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Lasa versions up to 1.1, caused by improper control of filename parameters in PHP include/require statements. This allows unauthenticated remote attackers to include and execute arbitrary local files on the server, potentially leading to remote code execution, information disclosure, and system compromise. The high CVSS score of 8.1 reflects the severity of this vulnerability, though the high attack complexity (AC:H) suggests exploitation may require specific environmental conditions or knowledge of the target system.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49252 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Besa versions through 2.3.8, stemming from improper control of filenames in include/require statements (CWE-98). An unauthenticated remote attacker can exploit this via a network vector with high complexity to achieve arbitrary file read/write capabilities, potentially leading to remote code execution. The high CVSS score of 8.1 reflects the severity of the confidentiality, integrity, and availability impact, though real-world exploitation requires specific conditions given the AC:H rating.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49251 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Fana versions through 1.1.28 that allows unauthenticated remote attackers to include and execute arbitrary files through improper control of filename parameters in PHP include/require statements. The high CVSS score of 8.1 reflects the potential for confidentiality, integrity, and availability impact, though the 'H' attack complexity suggests exploitation requires specific conditions or knowledge of the application architecture. No publicly confirmed KEV or widespread active exploitation is documented, but the 2025 CVE date indicates this is a recently disclosed vulnerability requiring immediate attention from Fana users.

PHP LFI Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-29002 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in snstheme Simen versions through 4.6 that allows unauthenticated remote attackers to include and execute arbitrary local files via improper control of filename parameters in PHP include/require statements. With a CVSS score of 8.1 and network-based attack vector, this vulnerability enables confidentiality, integrity, and availability compromise; however, the high attack complexity suggests exploitation requires specific conditions or knowledge of the target environment.

PHP LFI Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-28991 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in the snstheme Evon WordPress theme (versions up to 3.4) that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. An attacker can exploit this via a network attack with high complexity to achieve arbitrary code execution, data exfiltration, and system compromise. The vulnerability stems from improper input validation on filename parameters passed to PHP include/require statements.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-24761 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in the snstheme DSK WordPress theme (versions up to 2.2) that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability stems from improper input validation on filename parameters in PHP include/require statements, potentially enabling attackers to read sensitive files, execute code, or compromise the entire WordPress installation. This is a high-severity issue (CVSS 8.1) affecting a popular theme, though real-world exploitation requires moderate attack complexity (AC:H).

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-30641 HIGH PATCH This Week

Link following (symlink) vulnerability in Trend Micro Deep Security 20.0 agent's anti-malware component that enables local privilege escalation. An attacker with low-privileged code execution can exploit this to gain elevated system privileges (confidentiality, integrity, and availability impact). While no public exploit or active exploitation in the wild has been confirmed, the CVSS 7.8 score and low attack complexity indicate this poses a significant risk to organizations running vulnerable versions.

Privilege Escalation Trend Micro Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49385 HIGH PATCH This Week

Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits insecure link following to allow a low-privileged local attacker to delete privileged Trend Micro files, potentially compromising the security product's integrity. With a CVSS score of 7.8 and low attack complexity (AC:L), this vulnerability poses a significant risk to consumer systems where privilege escalation could disable or corrupt critical security components. No active exploitation (KEV status) or public POC has been reported at this time, but the low barrier to exploitation (local access with low privileges required) warrants prompt patching.

Privilege Escalation Trend Micro Windows Maximum Security 2022
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-30640 HIGH PATCH This Week

Link following vulnerability (symlink attack) in Trend Micro Deep Security 20.0 agents that enables local privilege escalation on affected systems. An attacker with low-privileged code execution capability can exploit this flaw to gain high-level system access. The vulnerability has a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability; KEV and POC status are not confirmed in available data, but the low attack complexity and low privilege requirement indicate moderate real-world risk once initial code execution is obtained.

Privilege Escalation Trend Micro Path Traversal Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49180 HIGH PATCH This Week

CVE-2025-49180 is an integer overflow vulnerability in the RandR (Resize and Rotate) X11 extension's RRChangeProviderProperty function that fails to properly validate input parameters. This allows a local, unprivileged attacker to trigger memory allocation failures or heap corruption, potentially leading to privilege escalation or denial of service on X11-based systems. The vulnerability requires local access and low privileges to exploit, making it a significant risk for multi-user systems and shared computing environments.

Buffer Overflow Integer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49157 HIGH PATCH This Week

Privilege escalation vulnerability in Trend Micro Apex One's Damage Cleanup Engine that exploits improper link following (CWE-269), allowing local attackers with low-privilege code execution to escalate to higher privileges. The vulnerability requires initial code execution on the target system but presents significant risk due to its high CVSS score (7.8) and likely real-world exploitability given the common prevalence of local code execution vectors in enterprise environments.

Privilege Escalation Trend Micro Apex One
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49384 HIGH PATCH This Week

Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits improper link following (symlink/junction attack) to allow a low-privileged local attacker to delete privileged Trend Micro system files without user interaction. This vulnerability carries a CVSS 7.8 high severity rating due to high impact on confidentiality, integrity, and availability; however, real-world exploitability depends on KEV status, EPSS probability data, and proof-of-concept availability, which are not provided in the available intelligence.

Privilege Escalation Trend Micro Path Traversal Maximum Security 2022
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-0320 HIGH PATCH This Week

Local privilege escalation vulnerability in Citrix Secure Access Client for Windows that allows an authenticated, low-privileged user to escalate their privileges to SYSTEM level without user interaction. The vulnerability affects the Citrix Secure Access Client application on Windows systems and represents a critical threat to enterprise environments where this client is deployed, as successful exploitation grants complete system control. The CVSS 7.8 score and confirmed local attack vector indicate this is a material risk for any organization using this software, though exploitation requires prior local access to an affected system.

Privilege Escalation Citrix Windows Secure Access Client
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-41413 HIGH This Week

Fuji Electric Smart Editor contains an out-of-bounds write vulnerability (CWE-787) that allows local attackers with user-level privileges to execute arbitrary code by crafting malicious input files. The vulnerability affects Smart Editor with a CVSS score of 7.8 (high severity), requiring user interaction (opening a malicious file) but no elevated privileges. Without confirmed KEV, EPSS, or public POC data in the provided intelligence, the real-world exploitation likelihood should be assessed as moderate-to-high given the local attack vector and file-based interaction model typical of engineering software.

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-41388 HIGH This Week

Stack-based buffer overflow vulnerability in Fuji Electric Smart Editor that allows unauthenticated local attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability. The vulnerability requires user interaction (opening a malicious file) but does not require elevated privileges. While the CVSS score of 7.8 reflects high severity, real-world risk depends on KEV status, EPSS score, and public exploit availability, which are not provided in the source data.

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-32412 HIGH This Week

CVE-2025-32412 is an out-of-bounds read vulnerability in Fuji Electric Smart Editor that permits arbitrary code execution through a local attack vector requiring user interaction. The vulnerability affects Fuji Electric Smart Editor across affected versions and is classified as high-severity with a CVSS score of 7.8. While no KEV or active exploitation is confirmed in the provided data, the local attack vector combined with user interaction requirement and high impact (confidentiality, integrity, availability) makes this a significant concern for organizations using this industrial automation software.

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-4879 HIGH PATCH This Week

Local privilege escalation vulnerability in Citrix Workspace app for Windows that allows low-privileged users to gain SYSTEM-level privileges through an improper privilege management flaw (CWE-269). The vulnerability has a CVSS score of 7.8 (High) with low attack complexity and no user interaction required, making it a significant local threat. Status of KEV inclusion, active exploitation, and proof-of-concept availability cannot be confirmed from provided data, but the combination of high CVSS and local attack vector suggests meaningful real-world risk for organizations running Citrix Workspace on Windows endpoints.

Privilege Escalation Citrix Windows Workspace
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49218 HIGH PATCH This Week

Post-authentication SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that allows low-privileged authenticated users to escalate privileges through SQL injection attacks. The vulnerability has a CVSS score of 7.7 (high severity) with significant impact on confidentiality, integrity, and availability. While this is a post-auth vulnerability requiring initial low-privileged code execution, successful exploitation enables privilege escalation, making it a critical concern for organizations running affected PolicyServer instances.

SQLi Trend Micro Privilege Escalation Trend Micro Endpoint Encryption
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-49211 HIGH PATCH This Week

SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that enables privilege escalation on affected systems. The vulnerability requires an attacker to first obtain low-privileged code execution on the target system, after which SQL injection can be leveraged to escalate privileges and gain high-impact access (confidentiality compromise, integrity violation, availability disruption). With a CVSS score of 7.7 and local attack vector, this poses a significant risk to organizations running vulnerable PolicyServer instances, particularly in multi-user environments or where low-privileged service accounts are present.

SQLi Trend Micro Privilege Escalation Trend Micro Endpoint Encryption
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-47865 HIGH PATCH This Week

Local File Inclusion (LFI) vulnerability in Trend Micro Apex Central widgets that enables remote code execution (RCE) on affected systems. This vulnerability affects Trend Micro Apex Central installations below version 8.0.6955 and requires an authenticated attacker with low privileges to exploit. The vulnerability combines LFI with RCE capabilities, representing a significant threat to organizations using vulnerable Apex Central deployments.

RCE Trend Micro LFI Apex Central
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2025-47867 HIGH PATCH This Week

Local File Inclusion (LFI) vulnerability in Trend Micro Apex Central widgets (versions below 8.0.6955) that allows authenticated attackers to include and execute arbitrary PHP files, achieving remote code execution on affected systems. The vulnerability requires low-level user authentication and moderate attack complexity but carries high impact across confidentiality, integrity, and availability. Active exploitation status and proof-of-concept availability have not been confirmed from the provided data, but the authentication requirement and network accessibility make this a credible threat to deployed Apex Central instances.

PHP RCE Trend Micro LFI Apex Central
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2025-49854 HIGH This Week

SQL Injection vulnerability in Anh Tran Slim SEO plugin (versions through 4.5.4) that allows high-privileged attackers to execute arbitrary SQL commands, potentially leading to data exfiltration and service disruption. The vulnerability requires administrator-level privileges to exploit, significantly limiting its real-world impact compared to unauthenticated SQL injection attacks. While the CVSS score of 7.6 indicates moderate-to-high severity, the privilege requirement (PR:H) substantially reduces the practical threat landscape.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2025-28972 HIGH This Week

Blind SQL Injection vulnerability in Suhas Surse WP Employee Attendance System affecting versions through 3.5, allowing authenticated attackers with high privileges to extract sensitive database information. While the CVSS score of 7.6 indicates moderate-to-high severity, the attack requires administrator-level credentials and the confidentiality impact is high; however, integrity and availability impacts are limited. No current KEV designation or widespread public POC availability has been reported, though the vulnerability's nature as SQL injection makes exploitation theoretically straightforward for skilled attackers.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2025-4365 HIGH PATCH This Week

CVE-2025-4365 is an arbitrary file read vulnerability affecting Citrix NetScaler Console and NetScaler SDX (SVM) that allows unauthenticated remote attackers to read sensitive files from affected systems. The vulnerability has a CVSS score of 7.5 (high severity) with a network-accessible attack vector requiring no authentication or user interaction. While specific KEV and EPSS data were not provided in the intelligence sources, the combination of high CVSS, unauthenticated access, and file disclosure capability indicates this requires prompt remediation.

Citrix Information Disclosure Path Traversal Netscaler Console Netscaler Sdx
NVD
CVSS 3.1
7.5
EPSS
0.2%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy