Skip to main content
CVE-2025-51089 MEDIUM POC This Month

Heap-based buffer overflow in Tenda AC8V4 router firmware V16.03.34.06 allows unauthenticated remote attackers to corrupt heap memory via a crafted `mac` parameter sent to the `/goform/GetParentControlInfo` endpoint. The vulnerability requires no authentication or user interaction and is reachable over the network, making it exploitable against any device whose web management interface is accessible. A publicly available proof-of-concept exists on GitHub, and the EPSS score of 5.54% at the 92nd percentile indicates elevated real-world exploitation probability relative to the broader CVE population; no public exploit identified at time of analysis confirms CISA KEV listing.

Heap Overflow Tenda Buffer Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
5.5%
CVE-2025-51088 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware V16.03.34.06 exposes the /goform/WifiGuestSet HTTP endpoint to unauthenticated remote attackers via the `shareSpeed` parameter, which lacks proper bounds checking before stack allocation. The official CVSS scores only availability impact (A:L), but stack overflows in embedded router firmware routinely yield remote code execution in practice - the 93rd-percentile EPSS score and a publicly available PoC reinforce elevated real-world risk. No public exploitation or CISA KEV listing has been confirmed at time of analysis, though the PoC lowers the barrier to active targeting of unpatched devices.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
6.8%
CVE-2025-51085 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 firmware version 16.03.34.06 allows unauthenticated remote attackers to crash the device by sending a crafted HTTP request to the /goform/SetSysTimeCfg endpoint with oversized timeZone or timeType parameters. The vulnerability requires no authentication or user interaction per the CVSS:3.1 vector (PR:N/UI:N), making it trivially exploitable against any network-accessible management interface. A publicly available proof-of-concept exists on GitHub, and the EPSS score of 6.77% at the 93rd percentile signals meaningfully elevated exploitation probability relative to most CVEs - no public exploit identified at time of analysis as confirmed by CISA KEV, but POC availability lowers the bar for less-skilled actors.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
6.8%
CVE-2025-5084 MEDIUM POC This Month

Reflected cross-site scripting in Post Grid Master WordPress plugin versions up to 3.4.13 allows unauthenticated attackers to inject arbitrary JavaScript through the 'argsArray[read_more_text]' parameter due to insufficient input sanitization and output escaping. An attacker can craft a malicious link and trick users into clicking it, causing the injected script to execute in their browser with the victim's privileges. Publicly available exploit code exists, and the vulnerability affects all installations of the plugin through version 3.4.13.

WordPress XSS Post Grid Master
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-51082 MEDIUM POC This Month

Stack-based buffer overflow in Tenda AC8V4 home router firmware V16.03.34.06 exposes remote unauthenticated attackers to device crash or potential arbitrary code execution by submitting an oversized timeZone parameter to the /goform/fast_setting_wifi_set endpoint. The CVSS vector confirms no authentication is required and no user interaction is needed; a public proof-of-concept is available on GitHub. No public exploit identified at time of analysis as actively exploited by CISA KEV, but the combination of zero-authentication network access and available POC meaningfully lowers the barrier for exploitation beyond the low EPSS score of 0.47% suggests.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2025-8071 MEDIUM This Month

Stored Cross-Site Scripting in Mine CloudVod WordPress plugin versions up to 2.1.10 allows authenticated attackers with Contributor-level access to inject arbitrary JavaScript through the 'audio' parameter due to insufficient input sanitization and output escaping. When injected pages are accessed by other users, the malicious scripts execute in their browsers, potentially compromising site security and user data. No public exploit code or active exploitation has been confirmed at analysis time.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6387 MEDIUM This Month

Stored Cross-Site Scripting in WP Get The Table WordPress plugin versions up to 1.5 allows authenticated attackers with Contributor-level access and above to inject arbitrary web scripts via the 'url' parameter due to insufficient input sanitization and output escaping. Injected scripts execute whenever any user accesses the affected pages, potentially compromising site visitors and enabling account hijacking, malware distribution, or data theft. No public exploit code or active exploitation has been confirmed at time of analysis, but the vulnerability requires only contributor-level access and has a moderate CVSS score of 6.4 reflecting limited technical complexity and network-based attack vector.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6382 MEDIUM This Month

Stored Cross-Site Scripting in Taeggie Feed plugin for WordPress (all versions up to 0.1.10) allows authenticated attackers with contributor-level access or above to inject arbitrary JavaScript via the taeggie-feed shortcode's name attribute, which is rendered unsanitized in both a script tag ID and jQuery.getScript() call. The vulnerability has a CVSS score of 6.4 with cross-site impact; no public exploit code or active exploitation has been confirmed at this time.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6262 MEDIUM This Month

Stored Cross-Site Scripting in muse.ai WordPress plugin versions up to 0.4 allows authenticated attackers with contributor-level access to inject malicious scripts via insufficiently sanitized shortcode attributes, enabling arbitrary code execution in the context of any user viewing affected pages. The vulnerability requires authentication and user interaction (page access by victims), resulting in a CVSS 6.4 score; no public exploit code or active exploitation has been identified at time of analysis.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-4608 MEDIUM This Month

Stored Cross-Site Scripting in Structured Content plugin for WordPress up to version 1.6.4 allows authenticated contributors and above to inject arbitrary JavaScript via the sc_fs_local_business shortcode due to insufficient input sanitization and output escaping. Injected scripts execute in the context of any user viewing the affected page, potentially enabling account compromise, malware distribution, or defacement. No public exploit code or active exploitation has been confirmed at this time.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-6588 MEDIUM This Month

Reflected cross-site scripting (XSS) in the FunnelCockpit WordPress plugin up to version 1.4.3 allows unauthenticated attackers to inject arbitrary JavaScript through the 'error' parameter due to insufficient input sanitization and output escaping. Exploitation requires social engineering an administrative user to click a malicious link, enabling attackers to steal session cookies, perform administrative actions, or redirect users to phishing sites. No public exploit code or active exploitation has been confirmed at time of analysis.

WordPress XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-8114 MEDIUM PATCH This Month

NULL pointer dereference in libssh crashes SSH clients or servers during the key exchange (KEX) process when a cryptographic memory allocation fails and the resulting NULL pointer is subsequently dereferenced. Affected products span all libssh versions per CPE data, with confirmed patching by Red Hat (RHSA-2026:18683) and upstream fixes committed to the libssh repository. No public exploit identified at time of analysis; EPSS at 0.03% (8th percentile) reflects very low observed exploitation interest, consistent with the local access requirement and high attack complexity.

Microsoft Null Pointer Dereference Denial Of Service Libssh
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-4395 MEDIUM This Month

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-4394 MEDIUM This Month

Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-4393 MEDIUM This Month

Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or. Rated medium severity (CVSS 6.5). No vendor patch available.

Deserialization
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy