Skip to main content
CVE-2025-47812 CRITICAL POC KEV PATCH THREAT Act Now

Wing FTP Server before 7.4.4 contains a critical remote code execution vulnerability (CVE-2025-47812, CVSS 10.0) through null byte injection in user/admin web interfaces that enables arbitrary Lua code execution in session files. With EPSS 92.7% and KEV listing, this vulnerability guarantees unauthenticated root/SYSTEM code execution on affected servers, as the FTP service runs with maximum privileges by default.

RCE Code Injection Ftp Privilege Escalation Wing Ftp Server
NVD Exploit-DB
CVSS 3.1
10.0
EPSS
92.7%
Threat
7.8
CVE-2025-34100 CRITICAL POC THREAT Emergency

BuilderEngine 3.5.0 contains a critical unrestricted file upload vulnerability in its elFinder 2.0 integration and jQuery File Upload plugin, allowing unauthenticated attackers to upload and execute arbitrary PHP files on the server, resulting in complete remote code execution (RCE) under the web server process context. The vulnerability is characterized by a CVSS 9.3 score with no authentication or user interaction required, making it immediately exploitable across network boundaries.

PHP RCE Jquery Authentication Bypass
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
67.4%
Threat
5.4
CVE-2025-34102 CRITICAL POC THREAT Emergency

CryptoLog PHP edition (discontinued since 2009) contains a chained SQL injection and command injection vulnerability. An unauthenticated attacker can first bypass authentication via SQLi in login.php, then exploit command injection to gain shell access as the web server user.

PHP RCE Command Injection SQLi Authentication Bypass
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
60.0%
Threat
5.2
CVE-2025-34101 CRITICAL POC THREAT Emergency

Serviio Media Server versions 1.4 through 1.8 on Windows contain an unauthenticated command injection in the /rest/action API endpoint. The checkStreamUrl method passes the VIDEO parameter directly to cmd.exe without sanitization, enabling remote code execution on the media server.

Microsoft Command Injection Windows
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
53.9%
Threat
5.0
CVE-2025-34096 CRITICAL POC THREAT Emergency

Easy File Sharing HTTP Server version 7.2 contains a stack-based buffer overflow triggered by an oversized Email parameter in POST requests to /sendemail.ghp. Unauthenticated attackers can exploit this for remote code execution on the Windows server.

RCE Buffer Overflow Stack Overflow Denial Of Service
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
49.1%
Threat
4.8
CVE-2025-34095 CRITICAL POC THREAT Emergency

Mako Server versions 2.5 and 2.6 contain an unauthenticated OS command injection via the tutorial interface at examples/save.lsp. Attackers can send crafted PUT requests with arbitrary Lua os.execute() code that is persisted on disk and executed, achieving remote code execution on the embedded web server.

Microsoft Command Injection Windows
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
45.4%
Threat
4.7
CVE-2025-34099 CRITICAL POC THREAT Emergency

VICIdial call center software versions 2.9 RC1 through 2.13 RC1 contain an unauthenticated command injection in vicidial_sales_viewer.php when password encryption is enabled. The HTTP Basic Authentication password is passed directly to OS commands without sanitization, enabling remote code execution on the call center server.

PHP Command Injection
NVD Exploit-DB
CVSS 4.0
9.3
EPSS
20.0%
Threat
4.0
CVE-2025-53633 CRITICAL PATCH Act Now

Chall-Manager versions prior to v0.1.4 contain an unchecked decompression vulnerability (CWE-405) that allows unauthenticated attackers to trigger zip bomb attacks by uploading malicious scenario archives. This denial-of-service vulnerability has a CVSS 9.8 severity score due to complete system compromise potential (confidentiality, integrity, availability impact) combined with network-accessible attack surface. The vulnerability is mitigated in practice by deployment recommendations suggesting Chall-Manager be isolated within infrastructure, but network-adjacent attackers with access to the system can completely compromise it without authentication or user interaction.

Information Disclosure Chall Manager Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-2523 CRITICAL Act Now

A remote code execution vulnerability in Honeywell Experion PKS and OneWireless WDM (CVSS 9.4). Critical severity with potential for significant impact on affected systems.

Honeywell RCE Integer Overflow SCADA Industrial
NVD
CVSS 3.1
9.4
EPSS
0.4%
CVE-2025-53371 CRITICAL PATCH Act Now

A denial of service vulnerability in DiscordNotifications (CVSS 9.1) that allows sending requests. Critical severity with potential for significant impact on affected systems.

SSRF Denial Of Service Mediawiki PHP RCE
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-53632 CRITICAL PATCH Act Now

CVE-2025-53632 is a path traversal vulnerability (zip slip) in Chall-Manager v0.1.3 and earlier that allows unauthenticated attackers to write arbitrary files to the system when processing scenario zip archives. The vulnerability has a CVSS 9.1 severity score due to high integrity and availability impact, though real-world exploitation risk is partially mitigated by deployment recommendations to isolate Chall-Manager within internal infrastructure. A patch is available in v0.1.4 via commit 47d188f.

Path Traversal Docker Chall Manager Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-23048 CRITICAL POC PATCH Act Now

CVE-2025-23048 is an authentication bypass vulnerability in Apache HTTP Server 2.4.35-2.4.63 affecting mod_ssl configurations with multiple virtual hosts using different client certificate restrictions. An attacker with valid client certificates trusted by one virtual host can exploit TLS 1.3 session resumption to access another restricted virtual host if SSLStrictSNIVHostCheck is not enabled, achieving unauthorized access to confidential information and potentially modifying data. This is a network-accessible vulnerability with no authentication required and high real-world impact.

Apache Authentication Bypass TLS Http Server Red Hat +2
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy