Skip to main content
CVE-2025-6218 HIGH POC KEV PATCH THREAT Act Now

WinRAR contains a directory traversal vulnerability (CVE-2025-6218, CVSS 7.8) enabling remote code execution when users extract crafted archives. KEV-listed with EPSS 4.7% and public PoC, this vulnerability allows archive files to write outside the extraction directory, placing malicious files in startup folders or other sensitive locations. Given WinRAR's 500+ million user base, this is a high-impact social engineering vector.

RCE Path Traversal Winrar
NVD
CVSS 3.0
7.8
EPSS
4.7%
Threat
4.7
CVE-2025-52488 HIGH POC PATCH THREAT Act Now

DNN (DotNetNuke) CMS versions 6.0.0 through 10.0.0 contain a vulnerability that can expose NTLM hashes to a third-party SMB server. Through a specially crafted series of interactions, an attacker can force the DNN server to authenticate to an attacker-controlled SMB server, capturing NTLM credential hashes for offline cracking.

Microsoft Information Disclosure Dotnetnuke
NVD GitHub
CVSS 3.1
8.6
EPSS
14.8%
CVE-2025-6393 HIGH POC This Week

CVE-2025-6393 is a critical buffer overflow vulnerability in the HTTP POST request handler of TOTOLINK routers affecting models A702R, A3002R, A3002RU, and EX1200T across multiple firmware versions. An authenticated attacker can exploit this vulnerability by manipulating the 'submit-url' parameter in requests to /boafrm/formIPv6Addr to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). The exploit has been publicly disclosed and may be actively exploited in the wild.

Buffer Overflow TP-Link RCE A3002r Firmware A702r Firmware +3
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.6%
CVE-2025-6400 HIGH POC This Week

CVE-2025-6400 is a critical buffer overflow vulnerability in TOTOLINK N300RH router firmware version 6.1c.1390_B20191101, exploitable via HTTP POST requests to the /boafrm/formPortFw endpoint through manipulation of the service_type parameter. An authenticated attacker can remotely trigger this vulnerability to achieve complete system compromise (confidentiality, integrity, and availability). Public exploit code is available and the vulnerability meets criteria for active exploitation risk due to disclosed POC and remote exploitability from an authenticated state.

Buffer Overflow TP-Link RCE N300rh Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6399 HIGH POC This Week

CVE-2025-6399 is a critical buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formIPv6Addr endpoint. An authenticated attacker can exploit the improper handling of the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with full system compromise (confidentiality, integrity, and availability). A public exploit has been disclosed and the vulnerability is likely to see active exploitation given its criticality and ease of exploitation.

Buffer Overflow TP-Link X15 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6402 HIGH POC This Week

CVE-2025-6402 is a critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the IPv6 setup HTTP POST handler. An authenticated remote attacker can exploit improper input validation on the 'submit-url' parameter to achieve complete system compromise (confidentiality, integrity, and availability). Public exploit code exists for this vulnerability, increasing real-world exploitation risk.

Buffer Overflow TP-Link RCE X15 Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6374 HIGH POC This Week

CVE-2025-6374 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01, affecting the formSetACLFilter function's curTime parameter. An authenticated remote attacker can exploit this to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. Public exploit code exists for this end-of-life product, making it an immediate concern for organizations still operating legacy D-Link equipment.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6373 HIGH POC This Week

CVE-2025-6373 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the formSetWizard1 function via the /goform/formWlSiteSurvey endpoint. An authenticated remote attacker can exploit this vulnerability by manipulating the 'curTime' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available and the affected product is end-of-life with no vendor support.

Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-5034 HIGH POC PATCH This Week

CVE-2025-5034 is a Reflected Cross-Site Scripting (XSS) vulnerability in the wp-file-download WordPress plugin versions before 6.2.6, caused by failure to sanitize and escape user-supplied parameters before output. Attackers can craft malicious URLs containing JavaScript payloads that execute in victims' browsers when clicked, potentially stealing session cookies, hijacking accounts, or performing unauthorized actions. The vulnerability requires user interaction (clicking a link) but affects all users without authentication requirements, making it a moderate-to-significant risk for WordPress installations using this plugin.

WordPress XSS PHP Wp File Download
NVD WPScan
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-5478 HIGH PATCH This Week

CVE-2025-5478 is a critical integer overflow vulnerability in the Bluetooth SDP (Service Discovery Protocol) implementation of Sony XAV-AX8500 in-vehicle infotainment systems that allows unauthenticated, network-adjacent attackers to execute arbitrary code with root privileges. The vulnerability stems from insufficient input validation in buffer allocation logic, enabling remote code execution without user interaction. Given the automotive infotainment context and lack of authentication requirements, this represents a significant risk to connected vehicle security, particularly for vehicles with Bluetooth connectivity within network proximity.

RCE Xav Ax8500 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2025-5820 HIGH PATCH This Week

CVE-2025-5820 is a critical Bluetooth ERTM (Enhanced Retransmission Mode) channel authentication bypass vulnerability in Sony XAV-AX8500 infotainment systems that allows network-adjacent attackers to completely bypass authentication without any privileges or user interaction. Attackers can achieve high-impact compromise of confidentiality, integrity, and availability through improper channel data initialization in the Bluetooth implementation. The vulnerability has a CVSS 3.1 score of 8.8 (High) and represents a significant risk to vehicles using this aftermarket receiver, though exploitation requires physical proximity and the specific technical conditions of ERTM channel manipulation.

Authentication Bypass Xav Ax8500 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-5476 HIGH PATCH This Week

CVE-2025-5476 is an authentication bypass vulnerability in Sony XAV-AX8500 Bluetooth car audio systems caused by improper L2CAP channel isolation in ACL-U links. A network-adjacent attacker can completely bypass authentication without user interaction to gain full control (read, modify, execute) of the device. This is a critical vulnerability affecting in-vehicle infotainment systems with potential safety and privacy implications.

Authentication Bypass Xav Ax8500 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-52557 HIGH This Week

CVE-2025-52557 is a stored/reflected XSS vulnerability in Mail-0's Zero email solution (version 0.8) that allows unauthenticated attackers to craft malicious emails containing unexecuted JavaScript code. When a victim opens the email in the web interface, the JavaScript executes in their browser context, enabling session hijacking and potential account takeover. The vulnerability has been patched in version 0.81, and exploitation requires user interaction (opening the email), making it a moderate-to-high severity issue suitable for rapid patching.

Information Disclosure XSS Session Fixation
NVD GitHub
CVSS 4.0
8.6
EPSS
0.1%
CVE-2025-3221 HIGH This Week

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a denial of service vulnerability caused by insufficient validation of incoming request resources (CWE-770: Allocation of Resources Without Limits or Throttling). A remote, unauthenticated attacker can exploit this over the network to exhaust server resources and cause service unavailability. The CVSS 7.5 score reflects high availability impact with no authentication required and low attack complexity.

IBM Denial Of Service Infosphere Information Server
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-52487 HIGH PATCH This Week

CVE-2025-52487 is an authentication bypass vulnerability in DNN (DotNetNuke) versions 7.0.0 through 10.0.0 that allows attackers to circumvent IP-based login filters by crafting specially designed requests or using proxy techniques. An unauthenticated remote attacker can bypass IP whitelist restrictions to attempt logins from unauthorized locations, potentially gaining unauthorized access to administrative accounts. The vulnerability has been patched in version 10.0.1 and carries a CVSS 7.5 score reflecting high integrity impact, though no public exploitation or active KEV listing has been reported at this time.

Microsoft Authentication Bypass Dotnetnuke
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-5475 HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5) that allows network-adjacent attackers. High severity vulnerability requiring prompt remediation. Vendor patch is available.

RCE Xav Ax8500 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-5479 HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5) that allows network-adjacent attackers. High severity vulnerability requiring prompt remediation. Vendor patch is available.

RCE Buffer Overflow Xav Ax8500 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2025-5477 HIGH PATCH This Week

A remote code execution vulnerability (CVSS 7.5) that allows network-adjacent attackers. High severity vulnerability requiring prompt remediation. Vendor patch is available.

RCE Buffer Overflow Xav Ax8500 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy