Skip to main content
CVE-2025-53417 CRITICAL This Week

DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure
NVD
CVSS 4.0
9.3
EPSS
0.5%
CVE-2025-54871 MEDIUM POC PATCH This Month

Electron Capture facilitates video playback for screen-sharing and capture. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Apple Node.js Electron Capture macOS
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-54870 HIGH This Month

VTun-ng is a Virtual Tunnel over TCP/IP network. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2025-54804 MEDIUM POC PATCH This Week

Russh is a Rust SSH client & server library. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Russh Warpgate Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-54803 HIGH POC PATCH This Month

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Rated high severity (CVSS 7.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Js Toml
NVD GitHub
CVSS 4.0
7.9
EPSS
0.1%
CVE-2025-54802 CRITICAL POC PATCH Act Now

pyLoad is the free and open-source Download Manager written in pure Python. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Python RCE Path Traversal Pyload Ng
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2025-54795 HIGH POC PATCH This Month

Claude Code is an agentic coding tool. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Claude Code
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-54794 HIGH POC PATCH This Month

Claude Code is an agentic coding tool. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Canonical Path Traversal Claude Code
NVD GitHub
CVSS 4.0
7.7
EPSS
0.0%
CVE-2025-54780 HIGH This Month

The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-54387 MEDIUM POC PATCH This Week

IPX is an image optimizer powered by sharp and svgo. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Ipx
NVD GitHub
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-54135 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Cursor
NVD GitHub
CVSS 3.1
8.5
EPSS
0.1%
CVE-2025-54130 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Cursor
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-54119 CRITICAL PATCH This Week

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi
NVD GitHub
CVSS 3.1
10.0
EPSS
0.1%
CVE-2025-53544 HIGH This Month

Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-52892 MEDIUM POC PATCH Monitor

EspoCRM is a web application with a frontend designed as a single-page application and a REST API backend written in PHP. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Request Smuggling Information Disclosure Espocrm
NVD GitHub
CVSS 3.1
4.5
EPSS
0.0%

Rejected reason: This CVE is a duplicate of CVE-2025-52464. No vendor patch available.

Information Disclosure
NVD
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy