Skip to main content
CVE-2025-6994 CRITICAL Act Now

The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-54883 CRITICAL Act Now

Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD GitHub
CVSS 4.0
9.3
EPSS
0.1%
CVE-2025-7768 CRITICAL This Week

Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow unauthorized users to gain administrative access. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
9.3
EPSS
0.1%
CVE-2025-30127 CRITICAL This Week

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-23317 CRITICAL This Week

NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Buffer Overflow RCE Heap Overflow Denial Of Service +2
NVD
CVSS 3.1
9.1
EPSS
3.0%
CVE-2025-23311 CRITICAL This Week

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Denial Of Service +2
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-23310 CRITICAL This Week

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Nvidia Buffer Overflow RCE Microsoft +4
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-22470 CRITICAL This Week

CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow crafted dangerous files to be uploaded. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload
NVD
CVSS 4.0
9.3
EPSS
0.1%
CVE-2025-54594 CRITICAL This Week

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Node.js
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy