Skip to main content
CVE-2025-5777 HIGH POC KEV PATCH THREAT CERT-EU Act Now

Citrix NetScaler ADC and Gateway contain an input validation vulnerability (CVE-2025-5777, CVSS 7.5) leading to memory overread when configured as VPN or AAA virtual server. KEV-listed with EPSS 69.8% and public PoC, this vulnerability enables remote unauthenticated attackers to read sensitive data from the appliance's memory, potentially exposing session tokens, credentials, and encryption keys — similar to the Heartbleed class of memory disclosure bugs.

Information Disclosure Citrix Memory Corruption Netscaler Gateway Netscaler Application Delivery Controller
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
69.8%
Threat
6.6
CVE-2025-34510 HIGH POC THREAT Act Now

Sitecore Experience Manager, Platform, and Commerce versions 9.0 through 10.4 contain a Zip Slip vulnerability that allows authenticated attackers to write arbitrary files outside the intended upload directory. By crafting ZIP archives with path traversal entries, attackers can overwrite application files and achieve remote code execution.

RCE Path Traversal Managed Cloud Experience Manager Experience Commerce +1
NVD
CVSS 3.1
8.8
EPSS
87.3%
Threat
5.9
CVE-2025-34511 HIGH POC THREAT Act Now

Sitecore PowerShell Extensions through version 7.0 allows authenticated users to upload arbitrary files including ASPX webshells via crafted HTTP requests. The unrestricted file upload bypasses content type restrictions, enabling remote code execution on the Sitecore IIS server with any authenticated account.

File Upload RCE Experience Manager Experience Commerce Experience Platform +1
NVD
CVSS 3.1
8.8
EPSS
78.7%
Threat
5.6
CVE-2025-34509 HIGH POC PATCH THREAT Act Now

Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 through 10.4.1 contain a hardcoded administrative user account that allows unauthenticated remote attackers to gain unauthorized access to sensitive administrative APIs over HTTP without authentication. This vulnerability has a CVSS score of 7.5 (High) and enables confidentiality breach through direct API access; exploitation likelihood is high due to the low attack complexity and lack of authentication requirements.

Information Disclosure Experience Commerce Managed Cloud Experience Manager Experience Platform
NVD
CVSS 3.1
7.5
EPSS
23.2%
CVE-2025-3515 HIGH POC PATCH This Week

The Drag and Drop Multiple File Upload for Contact Form 7 WordPress plugin (versions ≤1.3.8.9) contains an unrestricted file upload vulnerability allowing unauthenticated attackers to bypass file type blacklists and upload dangerous file extensions (.phar, etc.). On servers configured to execute .phar files as PHP (common in default Apache+mod_php setups), this enables remote code execution with high impact to confidentiality, integrity, and availability (CVSS 8.1). While KEV and EPSS data are not provided, the vulnerability is actively exploitable given its public disclosure and network-accessible attack vector.

WordPress PHP RCE Code Injection Drag And Drop Multiple File Upload Contact Form 7
NVD
CVSS 3.1
8.1
EPSS
4.6%
CVE-2025-6165 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK X15 firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST request handler in the /boafrm/formTmultiAP endpoint. An authenticated remote attacker can exploit this vulnerability by manipulating the 'submit-url' parameter to achieve buffer overflow, resulting in complete compromise of the router (data theft, modification, and denial of service). Public exploit code is available and the vulnerability meets the profile of actively exploitable threats.

Buffer Overflow TP-Link RCE X15 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6164 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK A3002R router firmware version 4.0.0-B20230531.1404, affecting the HTTP POST request handler in the /boafrm/formMultiAP endpoint. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, increasing real-world exploitation risk.

Buffer Overflow TP-Link A3002r Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6163 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK A3002RU routers (version 3.0.0-B20230809.1615 and potentially others) affecting the HTTP POST request handler at endpoint /boafrm/formMultiAP. An authenticated attacker can exploit this via a malicious 'submit-url' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists and the vulnerability is actively exploitable.

Buffer Overflow TP-Link RCE A3002ru Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6162 HIGH POC This Week

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6150 HIGH POC This Week

Critical remote buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formMultiAP endpoint. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter to achieve complete system compromise including confidentiality, integrity, and availability breaches. A public proof-of-concept exists and the vulnerability is actively exploitable without user interaction.

Buffer Overflow TP-Link RCE X15 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6149 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK A3002R firmware version 4.0.0-B20230531.1404 affecting the HTTP POST request handler for the /boafrm/formSysLog endpoint. An authenticated attacker can exploit the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with high confidentiality, integrity, and availability impact. The vulnerability has public exploit code available and represents an active threat to deployed devices.

Buffer Overflow TP-Link A3002r Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6148 HIGH POC This Week

Critical remote buffer overflow vulnerability in TOTOLINK A3002RU firmware version 3.0.0-B20230809.1615 affecting the HTTP POST request handler for the /boafrm/formSysLog endpoint. An authenticated attacker can exploit this via manipulation of the submit-url parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. The vulnerability has public exploit disclosure and represents an active threat to deployed devices.

Buffer Overflow TP-Link RCE A3002ru Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6147 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK A702R router firmware (version 4.0.0-B20230721.1521) affecting the HTTP POST request handler for the /boafrm/formSysLog endpoint. An authenticated attacker can exploit this vulnerability remotely by manipulating the submit-url parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, significantly elevating real-world exploitation risk.

Buffer Overflow TP-Link A702r Firmware TOTOLINK RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6146 HIGH POC This Week

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow TP-Link X15 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6158 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in the HTTP POST request handler (function sub_AC78) of D-Link DIR-665 firmware version 1.00, exploitable remotely by authenticated attackers. The vulnerability allows remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public exploit code is available and the affected product line is no longer maintained by D-Link, significantly elevating real-world risk despite requiring low-privilege authentication.

Buffer Overflow D-Link RCE Dir 655 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-5349 HIGH POC PATCH CERT-EU This Week

Improper access control vulnerability in NetScaler ADC and NetScaler Gateway management interfaces that allows unauthenticated attackers on the adjacent network to gain high-impact unauthorized access (confidentiality, integrity, and availability compromise) without requiring user interaction. This is a critical flaw affecting widely-deployed Citrix infrastructure used by enterprises for application delivery and remote access, with high CVSS 8.8 score reflecting the severity of direct control plane compromise.

Citrix Information Disclosure Netscaler Gateway Netscaler Application Delivery Controller
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-6151 HIGH POC This Week

Buffer overflow vulnerability in TP-Link TL-WR940N V4 and TL-WR841N V11 routers, exploitable remotely through the /userRpm/WanSlaacCfgRpm.htm endpoint. An attacker with high privileges can trigger memory corruption leading to availability impact (denial of service) or potential system compromise. This vulnerability affects end-of-life products no longer receiving vendor support, significantly limiting remediation options.

Buffer Overflow TP-Link Tl Wr940n Firmware
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.5%
CVE-2025-6020 HIGH PATCH CISA Act Now

A privilege escalation vulnerability in A flaw (CVSS 7.8). High severity vulnerability requiring prompt remediation.

Path Traversal
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-49214 HIGH PATCH This Week

Post-authentication insecure deserialization vulnerability in Trend Micro Endpoint Encryption PolicyServer that allows remote code execution with high impact on confidentiality, integrity, and availability. While the CVSS score of 8.8 is significant, exploitation requires prior low-privileged code execution on the target system, substantially reducing real-world attack surface compared to unauthenticated network exploits. The vulnerability affects Trend Micro Endpoint Encryption installations and should be prioritized based on organizational exposure to this specific product line and internal threat modeling of low-privileged account compromise scenarios.

Deserialization RCE Trend Micro Privilege Escalation Trend Micro Endpoint Encryption
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2025-49847 HIGH PATCH This Week

A buffer overflow vulnerability in llama.cpp (CVSS 8.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Buffer Overflow RCE Llama.Cpp Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-49155 HIGH PATCH This Week

CVE-2025-49155 is an uncontrolled search path vulnerability in Trend Micro Apex One's Data Loss Prevention (DLP) module that allows unauthenticated remote attackers to inject and execute arbitrary code. The vulnerability requires user interaction (CVSS UI:R) but poses critical risk to organizations deploying Apex One, as successful exploitation grants full system compromise with high confidentiality, integrity, and availability impact (CVSS 8.8). Exploitation likelihood should be assessed against current threat intelligence for active in-the-wild usage.

RCE Trend Micro Code Injection Path Traversal Apex One
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-49215 HIGH PATCH This Week

Post-authentication SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that enables authenticated attackers to escalate privileges and achieve full system compromise (confidentiality, integrity, and availability impact). The vulnerability requires an attacker to first obtain low-privileged code execution on the target system before exploiting the SQL injection to escalate to administrative privileges. With a CVSS score of 8.8 and network accessibility, this represents a significant risk to organizations running vulnerable PolicyServer instances, particularly in environments where initial compromise vectors (phishing, lateral movement, supply chain) are plausible.

SQLi Trend Micro Privilege Escalation Trend Micro Endpoint Encryption
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-49154 HIGH PATCH This Week

CVE-2025-49154 is an insecure access control vulnerability (CWE-284) in Trend Micro Apex One and Worry-Free Business Security that allows a local attacker with low-privileged code execution to overwrite critical memory-mapped files, potentially compromising system security and stability. With a CVSS score of 8.7 and low attack complexity, this vulnerability poses a significant risk to enterprise security postures, though exploitation requires prior code execution access. No active KEV confirmation or public POC availability is documented in standard vulnerability databases at this time.

Trend Micro Privilege Escalation Information Disclosure Worry Free Business Security Worry Free Business Security Services +1
NVD
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-49879 HIGH This Week

Path traversal vulnerability in themezaa Litho that allows unauthenticated network attackers to cause a denial of service by accessing files outside the intended directory structure. Affected versions range from an unspecified baseline through version 3.0 of the Litho product. The vulnerability has a high CVSS score of 8.6 with a network attack vector and no authentication requirements, making it easily exploitable by remote attackers.

Path Traversal
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-49415 HIGH This Week

Path traversal vulnerability in Fastw3b LLC FW Gallery (versions through 8.0.0) that allows unauthenticated remote attackers to cause denial of service by manipulating file path parameters. The vulnerability has a high CVSS score of 8.6 due to its network accessibility and lack of authentication requirements, though impact is limited to availability rather than confidentiality or integrity. Specific KEV status, EPSS scores, and publicly available POC information cannot be confirmed from the provided data, warranting immediate vendor contact for patch availability and exploitation status.

Path Traversal
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-48118 HIGH This Week

SQL injection vulnerability in WpExperts Hub's Woocommerce Partial Shipment plugin (versions up to 3.2) that allows authenticated attackers with low privileges to execute arbitrary SQL queries. The vulnerability has a CVSS score of 8.5 (High) with network accessibility and low attack complexity, enabling attackers to read sensitive database information and potentially disrupt service availability. The attack requires valid user credentials but no special interaction, making it a significant risk for multi-user WordPress/WooCommerce installations.

WordPress SQLi
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-39486 HIGH PATCH This Week

SQL Injection vulnerability in ValvePress Rankie that allows authenticated attackers to execute arbitrary SQL queries, potentially leading to unauthorized data disclosure and service degradation. The vulnerability affects Rankie across unspecified version ranges and requires valid user credentials to exploit. While the CVSS score of 8.5 indicates high severity, real-world exploitation risk depends on whether public proof-of-concept code exists and the prevalence of Rankie deployments in production environments.

SQLi
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-30562 HIGH This Week

A blind SQL injection vulnerability exists in wpdistillery Navigation Tree Elementor plugin (versions up to 1.0.1) that allows authenticated users to extract sensitive database information through specially crafted input. The vulnerability requires user authentication but operates over the network with low attack complexity, enabling attackers with WordPress user accounts to enumerate and exfiltrate data without direct visibility of query results. No publicly disclosed proof-of-concept or active exploitation in KEV has been confirmed at this time, though the 8.5 CVSS score and SQL injection nature warrant immediate patching.

SQLi
NVD
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-49850 HIGH This Week

Heap-based buffer overflow vulnerability in PRJ file parsing that allows local attackers with user interaction to achieve high-impact memory corruption, potentially leading to arbitrary code execution or information disclosure. The vulnerability stems from insufficient validation of user-supplied data within PRJ file structures, enabling attackers to read and write past allocated buffer boundaries. No current KEV status or active exploitation data is available in public records, but the local attack vector and requirement for user interaction (file opening) suggest moderate real-world risk despite the high CVSS score.

Buffer Overflow Heap Overflow Memory Corruption
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-49849 HIGH This Week

CVE-2025-49849 is an out-of-bounds read vulnerability in PRJ file parsing that enables memory corruption through insufficient validation of user-supplied data. The vulnerability affects applications processing PRJ files (commonly associated with project management software) and allows local attackers with user interaction to read and write beyond allocated memory boundaries, potentially leading to information disclosure or code execution. While the CVSS score is moderately high (8.4), real-world exploitability depends on KEV status and active exploitation reports, which are not currently documented in available intelligence.

Buffer Overflow Information Disclosure Memory Corruption
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-49848 HIGH This Week

CVE-2025-49848 is an out-of-bounds write vulnerability in PRJ file parsing that allows unauthenticated local attackers with user interaction to corrupt memory and potentially achieve arbitrary code execution or application crash. The vulnerability stems from insufficient input validation when processing PRJ files, enabling attackers to read and write past allocated buffer boundaries. While no public exploit code or active in-the-wild exploitation has been confirmed at analysis time, the high CVSS score (8.4) and critical impact ratings (confidentiality, integrity, availability all HIGH) indicate this requires prioritized patching.

Buffer Overflow Memory Corruption
NVD GitHub VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-49508 HIGH PATCH This Week

PHP Local/Remote File Inclusion (LFI/RFI) vulnerability in LoftOcean CozyStay that allows unauthenticated remote attackers to include and execute arbitrary files through improper control of filename parameters in PHP include/require statements. The vulnerability affects CozyStay with a CVSS score of 8.1 (High severity), enabling attackers to read sensitive files, execute arbitrary code, or compromise system integrity without requiring user interaction or authentication.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49261 HIGH This Week

PHP Local/Remote File Inclusion (LFI/RFI) vulnerability in thembay Diza affecting versions through 1.3.8, stemming from improper control of filenames in include/require statements (CWE-98). An unauthenticated network attacker can exploit this with high complexity to achieve arbitrary file inclusion, leading to information disclosure, code execution, or system compromise. The high CVSS score of 8.1 reflects the severity of potential impacts (confidentiality, integrity, and availability), though real-world exploitability depends on PHP configuration and the specific include/require patterns in affected code.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49260 HIGH This Week

A security vulnerability in thembay Aora allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49259 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Hara that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. Affected versions range from an unspecified baseline through version 1.2.10. While the CVSS score of 8.1 is elevated, the attack complexity is rated 'High,' suggesting real-world exploitation requires specific environmental conditions or timing.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49258 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Maia versions up to 1.1.15, caused by improper control of filenames in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this over the network with high complexity to read arbitrary files on the server, potentially leading to code execution, information disclosure, and system compromise. The vulnerability has a CVSS 3.1 score of 8.1 (High severity) with network accessibility and no privilege requirements, though exploitation requires non-standard conditions (AC:H).

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49257 HIGH This Week

A security vulnerability in thembay Zota allows PHP Local File Inclusion (CVSS 8.1). High severity vulnerability requiring prompt remediation.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49256 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Sapa that allows unauthenticated remote attackers to include and execute arbitrary PHP files through improper input validation on filename parameters in include/require statements. Affected versions range from an unspecified baseline through version 1.1.14. With a CVSS score of 8.1 and network-accessible attack vector, this vulnerability enables confidentiality, integrity, and availability compromise, though exploitation requires high attack complexity (AC:H) suggesting non-trivial preconditions.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49255 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Ruza versions up to 1.0.7, stemming from improper control of filename parameters in PHP include/require statements. An unauthenticated remote attacker can exploit this vulnerability over the network to read arbitrary files from the server and potentially execute code, achieving high confidentiality, integrity, and availability impact. The CVSS score of 8.1 reflects significant risk, though the attack complexity is marked as high, suggesting exploitation may require specific conditions or user interaction timing.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49254 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Nika theme versions through 1.2.8, caused by improper control of filename parameters in PHP include/require statements (CWE-98). An unauthenticated remote attacker can exploit this vulnerability over the network to read arbitrary files from the server filesystem, potentially leading to information disclosure, code execution, or system compromise. The CVSS score of 8.1 (High) reflects significant confidentiality and integrity impact, though the AC:H (Attack Complexity: High) rating suggests some exploitation difficulty; KEV status and active exploitation data would further clarify immediate risk priority.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49253 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Lasa versions up to 1.1, caused by improper control of filename parameters in PHP include/require statements. This allows unauthenticated remote attackers to include and execute arbitrary local files on the server, potentially leading to remote code execution, information disclosure, and system compromise. The high CVSS score of 8.1 reflects the severity of this vulnerability, though the high attack complexity (AC:H) suggests exploitation may require specific environmental conditions or knowledge of the target system.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49252 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Besa versions through 2.3.8, stemming from improper control of filenames in include/require statements (CWE-98). An unauthenticated remote attacker can exploit this via a network vector with high complexity to achieve arbitrary file read/write capabilities, potentially leading to remote code execution. The high CVSS score of 8.1 reflects the severity of the confidentiality, integrity, and availability impact, though real-world exploitation requires specific conditions given the AC:H rating.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-49251 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in thembay Fana versions through 1.1.28 that allows unauthenticated remote attackers to include and execute arbitrary files through improper control of filename parameters in PHP include/require statements. The high CVSS score of 8.1 reflects the potential for confidentiality, integrity, and availability impact, though the 'H' attack complexity suggests exploitation requires specific conditions or knowledge of the application architecture. No publicly confirmed KEV or widespread active exploitation is documented, but the 2025 CVE date indicates this is a recently disclosed vulnerability requiring immediate attention from Fana users.

PHP LFI Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-29002 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in snstheme Simen versions through 4.6 that allows unauthenticated remote attackers to include and execute arbitrary local files via improper control of filename parameters in PHP include/require statements. With a CVSS score of 8.1 and network-based attack vector, this vulnerability enables confidentiality, integrity, and availability compromise; however, the high attack complexity suggests exploitation requires specific conditions or knowledge of the target environment.

PHP LFI Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-28991 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in the snstheme Evon WordPress theme (versions up to 3.4) that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. An attacker can exploit this via a network attack with high complexity to achieve arbitrary code execution, data exfiltration, and system compromise. The vulnerability stems from improper input validation on filename parameters passed to PHP include/require statements.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-24761 HIGH This Week

PHP Local File Inclusion (LFI) vulnerability in the snstheme DSK WordPress theme (versions up to 2.2) that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability stems from improper input validation on filename parameters in PHP include/require statements, potentially enabling attackers to read sensitive files, execute code, or compromise the entire WordPress installation. This is a high-severity issue (CVSS 8.1) affecting a popular theme, though real-world exploitation requires moderate attack complexity (AC:H).

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2025-30641 HIGH PATCH This Week

Link following (symlink) vulnerability in Trend Micro Deep Security 20.0 agent's anti-malware component that enables local privilege escalation. An attacker with low-privileged code execution can exploit this to gain elevated system privileges (confidentiality, integrity, and availability impact). While no public exploit or active exploitation in the wild has been confirmed, the CVSS 7.8 score and low attack complexity indicate this poses a significant risk to organizations running vulnerable versions.

Privilege Escalation Trend Micro Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49385 HIGH PATCH This Week

Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits insecure link following to allow a low-privileged local attacker to delete privileged Trend Micro files, potentially compromising the security product's integrity. With a CVSS score of 7.8 and low attack complexity (AC:L), this vulnerability poses a significant risk to consumer systems where privilege escalation could disable or corrupt critical security components. No active exploitation (KEV status) or public POC has been reported at this time, but the low barrier to exploitation (local access with low privileges required) warrants prompt patching.

Privilege Escalation Trend Micro Windows Maximum Security 2022
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-30640 HIGH PATCH This Week

Link following vulnerability (symlink attack) in Trend Micro Deep Security 20.0 agents that enables local privilege escalation on affected systems. An attacker with low-privileged code execution capability can exploit this flaw to gain high-level system access. The vulnerability has a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability; KEV and POC status are not confirmed in available data, but the low attack complexity and low privilege requirement indicate moderate real-world risk once initial code execution is obtained.

Privilege Escalation Trend Micro Path Traversal Deep Security Agent
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49180 HIGH PATCH This Week

CVE-2025-49180 is an integer overflow vulnerability in the RandR (Resize and Rotate) X11 extension's RRChangeProviderProperty function that fails to properly validate input parameters. This allows a local, unprivileged attacker to trigger memory allocation failures or heap corruption, potentially leading to privilege escalation or denial of service on X11-based systems. The vulnerability requires local access and low privileges to exploit, making it a significant risk for multi-user systems and shared computing environments.

Buffer Overflow Integer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy