Skip to main content
CVE-2025-51087 HIGH POC This Week

Stack-based buffer overflow in the Tenda AC8V4 router (firmware V16.03.34.06) lets remote attackers corrupt memory by supplying an oversized 'time' parameter to the /goform/saveParentControlInfo web endpoint. Per the published CVSS vector the flaw is network-reachable with no authentication (PR:N) and low complexity, and publicly available exploit code exists (no public exploit identified as actively exploited in CISA KEV). The EPSS score of 8.43% (94th percentile) marks it as elevated exploitation likelihood relative to the CVE population.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
8.6
EPSS
8.4%
CVE-2025-51089 MEDIUM POC This Month

Heap-based buffer overflow in Tenda AC8V4 router firmware V16.03.34.06 allows unauthenticated remote attackers to corrupt heap memory via a crafted `mac` parameter sent to the `/goform/GetParentControlInfo` endpoint. The vulnerability requires no authentication or user interaction and is reachable over the network, making it exploitable against any device whose web management interface is accessible. A publicly available proof-of-concept exists on GitHub, and the EPSS score of 5.54% at the 92nd percentile indicates elevated real-world exploitation probability relative to the broader CVE population; no public exploit identified at time of analysis confirms CISA KEV listing.

Heap Overflow Tenda Buffer Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
5.5%
CVE-2025-51088 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware V16.03.34.06 exposes the /goform/WifiGuestSet HTTP endpoint to unauthenticated remote attackers via the `shareSpeed` parameter, which lacks proper bounds checking before stack allocation. The official CVSS scores only availability impact (A:L), but stack overflows in embedded router firmware routinely yield remote code execution in practice - the 93rd-percentile EPSS score and a publicly available PoC reinforce elevated real-world risk. No public exploitation or CISA KEV listing has been confirmed at time of analysis, though the PoC lowers the barrier to active targeting of unpatched devices.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
6.8%
CVE-2025-51085 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware version 16.03.34.06 allows unauthenticated remote attackers to crash the device by sending a crafted HTTP request to the /goform/SetSysTimeCfg endpoint with oversized timeZone or timeType parameters. The vulnerability requires no authentication or user interaction per the CVSS:3.1 vector (PR:N/UI:N), making it trivially exploitable against any network-accessible management interface. A publicly available proof-of-concept exists on GitHub, and the EPSS score of 6.77% at the 93rd percentile signals meaningfully elevated exploitation probability relative to most CVEs - no public exploit identified at time of analysis as confirmed by CISA KEV, but POC availability lowers the bar for less-skilled actors.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
6.8%
CVE-2025-5084 MEDIUM POC This Month

Reflected cross-site scripting in Post Grid Master WordPress plugin versions up to 3.4.13 allows unauthenticated attackers to inject arbitrary JavaScript through the 'argsArray[read_more_text]' parameter due to insufficient input sanitization and output escaping. An attacker can craft a malicious link and trick users into clicking it, causing the injected script to execute in their browser with the victim's privileges. Publicly available exploit code exists, and the vulnerability affects all installations of the plugin through version 3.4.13.

WordPress XSS Post Grid Master
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-5243 CRITICAL Act Now

Unauthenticated remote code execution in SMG Software Information Portal versions prior to 13.06.2025 allows attackers to upload web shells and inject OS commands, achieving full server compromise with a maximum CVSS score of 10.0. The vulnerability was reported by Turkey's national CERT (USOM) and no public exploit identified at time of analysis, though the trivial attack complexity and network-accessible nature make it a critical priority for any organization running the affected product.

File Upload Command Injection
NVD VulDB
CVSS 3.1
10.0
EPSS
2.2%
CVE-2025-4784 CRITICAL Act Now

SQL injection in Moderec Tourtella versions prior to 26.05.2025 allows remote unauthenticated attackers to manipulate backend database queries via crafted input, leading to full compromise of confidentiality, integrity, and availability. The flaw was reported through Turkey's national CERT (USOM) under advisory TR-25-0176 and carries a critical 9.8 CVSS score, though no public exploit identified at time of analysis and no EPSS score was provided.

SQLi Tourtella
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-4822 CRITICAL Act Now

SQL injection in Bayraktar Solar Energies ScadaWatt Otopilot (versions before 27.05.2025) allows remote unauthenticated attackers to manipulate backend database queries over the network. With a CVSS 9.8 rating and full impact across confidentiality, integrity, and availability, successful exploitation can yield complete database compromise of this SCADA solar energy monitoring platform. There is no public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6441 CRITICAL Act Now

Unauthenticated login token generation in WebinarIgnition plugin for WordPress (versions ≤4.03.32) allows remote attackers to bypass authentication and impersonate arbitrary users. The vulnerability stems from missing capability checks on support staff authentication functions, enabling attackers to generate valid login tokens and authorization cookies without credentials (CVSS:3.1 AV:N/AC:L/PR:N). EPSS data not provided; no confirmation of active exploitation (CISA KEV) at time of analysis. Public exploit code existence not confirmed, though technical details are available via WordPress plugin repository references.

Authentication Bypass WordPress
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-51082 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 home router firmware V16.03.34.06 exposes remote unauthenticated attackers to device crash or potential arbitrary code execution by submitting an oversized timeZone parameter to the /goform/fast_setting_wifi_set endpoint. The CVSS vector confirms no authentication is required and no user interaction is needed; a public proof-of-concept is available on GitHub. No public exploit identified at time of analysis as actively exploited by CISA KEV, but the combination of zero-authentication network access and available POC meaningfully lowers the barrier for exploitation beyond the low EPSS score of 0.47% suggests.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2025-8071 MEDIUM This Month

Stored Cross-Site Scripting in Mine CloudVod WordPress plugin versions up to 2.1.10 allows authenticated attackers with Contributor-level access to inject arbitrary JavaScript through the 'audio' parameter due to insufficient input sanitization and output escaping. When injected pages are accessed by other users, the malicious scripts execute in their browsers, potentially compromising site security and user data. No public exploit code or active exploitation has been confirmed at analysis time.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6387 MEDIUM This Month

Stored Cross-Site Scripting in WP Get The Table WordPress plugin versions up to 1.5 allows authenticated attackers with Contributor-level access and above to inject arbitrary web scripts via the 'url' parameter due to insufficient input sanitization and output escaping. Injected scripts execute whenever any user accesses the affected pages, potentially compromising site visitors and enabling account hijacking, malware distribution, or data theft. No public exploit code or active exploitation has been confirmed at time of analysis, but the vulnerability requires only contributor-level access and has a moderate CVSS score of 6.4 reflecting limited technical complexity and network-based attack vector.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6382 MEDIUM This Month

Stored Cross-Site Scripting in Taeggie Feed plugin for WordPress (all versions up to 0.1.10) allows authenticated attackers with contributor-level access or above to inject arbitrary JavaScript via the taeggie-feed shortcode's name attribute, which is rendered unsanitized in both a script tag ID and jQuery.getScript() call. The vulnerability has a CVSS score of 6.4 with cross-site impact; no public exploit code or active exploitation has been confirmed at this time.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6262 MEDIUM This Month

Stored Cross-Site Scripting in muse.ai WordPress plugin versions up to 0.4 allows authenticated attackers with contributor-level access to inject malicious scripts via insufficiently sanitized shortcode attributes, enabling arbitrary code execution in the context of any user viewing affected pages. The vulnerability requires authentication and user interaction (page access by victims), resulting in a CVSS 6.4 score; no public exploit code or active exploitation has been identified at time of analysis.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-4608 MEDIUM This Month

Stored Cross-Site Scripting in Structured Content plugin for WordPress up to version 1.6.4 allows authenticated contributors and above to inject arbitrary JavaScript via the sc_fs_local_business shortcode due to insufficient input sanitization and output escaping. Injected scripts execute in the context of any user viewing the affected page, potentially enabling account compromise, malware distribution, or defacement. No public exploit code or active exploitation has been confirmed at this time.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-8123 LOW POC Monitor

SQL injection in Deer WMS 2 up to version 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the ancestors parameter in the /system/dept/edit endpoint, enabling unauthorized data exfiltration or modification. Despite a critical classification, the CVSS v4.0 score of 2.1 reflects limited confidentiality and integrity impact; publicly available exploit code exists but EPSS exploitation probability remains low at 0.07%, suggesting the vulnerability requires authenticated access and may have limited real-world adoption or attack surface.

SQLi Deer Wms 2
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-6588 MEDIUM This Month

Reflected cross-site scripting (XSS) in the FunnelCockpit WordPress plugin up to version 1.4.3 allows unauthenticated attackers to inject arbitrary JavaScript through the 'error' parameter due to insufficient input sanitization and output escaping. Exploitation requires social engineering an administrative user to click a malicious link, enabling attackers to steal session cookies, perform administrative actions, or redirect users to phishing sites. No public exploit code or active exploitation has been confirmed at time of analysis.

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-8115 LOW POC Monitor

Reflected cross-site scripting in PHPGurukul Taxi Stand Management System 1.0 allows authenticated remote attackers to inject malicious scripts via the registrationnumber or licensenumber parameters in /admin/new-autoortaxi-entry-form.php, requiring user interaction to trigger. The vulnerability carries a low CVSS score of 2.0 due to authentication and user-interaction requirements, though publicly available exploit code exists and EPSS scoring (0.07%) indicates minimal real-world exploitation probability.

PHP XSS Auto Taxi Stand Management System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-8114 MEDIUM PATCH This Month

NULL pointer dereference in libssh crashes SSH clients or servers during the key exchange (KEX) process when a cryptographic memory allocation fails and the resulting NULL pointer is subsequently dereferenced. Affected products span all libssh versions per CPE data, with confirmed patching by Red Hat (RHSA-2026:18683) and upstream fixes committed to the libssh repository. No public exploit identified at time of analysis; EPSS at 0.03% (8th percentile) reflects very low observed exploitation interest, consistent with the local access requirement and high attack complexity.

Microsoft Null Pointer Dereference Denial Of Service Libssh
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-4395 MEDIUM This Month

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-4394 MEDIUM This Month

Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-4393 MEDIUM This Month

Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or. Rated medium severity (CVSS 6.5). No vendor patch available.

Deserialization
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy