Skip to main content
CVE-2025-55523 LOW POC Monitor

An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to execute a directory traversal. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Agent Zero
NVD GitHub
CVSS 3.1
3.5
EPSS
0.3%
CVE-2025-9264 LOW POC PATCH Monitor

A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Java
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-9296 LOW POC Monitor

A security vulnerability has been detected in Emlog Pro up to 2.5.18. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-9306 LOW POC Monitor

A vulnerability was detected in SourceCodester Advanced School Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9300 LOW POC PATCH Monitor

A vulnerability was found in saitoha libsixel up to 1.10.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-9309 LOW POC Monitor

A vulnerability was found in Tenda AC10 16.03.10.13. Rated low severity (CVSS 2.0). Public exploit code available and no vendor patch available.

Authentication Bypass Tenda
NVD GitHub VulDB
CVSS 4.0
1.1
EPSS
0.0%
CVE-2025-9301 LOW PATCH Monitor

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-43753 LOW PATCH Monitor

A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

XSS Digital Experience Platform Liferay Portal
NVD
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-53971 LOW PATCH Monitor

Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate authorization for team scheme role modifications which allows Team Admins to demote Team Members to Guests via the. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
3.8
EPSS
0.0%
CVE-2025-49810 LOW PATCH Monitor

Mattermost versions 10.5.x <= 10.5.8 fail to validate access controls at time of access which allows user to read a thread via AI posts. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-47700 LOW PATCH Monitor

Mattermost Server versions 10.5.x <= 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Mattermost Server
NVD
CVSS 3.1
3.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy