125 CVEs tracked today. 11 Critical, 46 High, 64 Medium, 4 Low.
-
CVE-2025-55526
CRITICAL
CVSS 9.1
n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Path Traversal
Fastapi
Pydantic
Uvicorn
-
CVE-2025-52353
CRITICAL
CVSS 9.8
An arbitrary code execution vulnerability in Badaso CMS 2.9.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
File Upload
RCE
Badaso
-
CVE-2025-35115
CRITICAL
CVSS 9.2
Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Agiloft
-
CVE-2025-22408
CRITICAL
CVSS 9.8
In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption
Denial Of Service
RCE
Use After Free
Android
-
CVE-2025-22403
CRITICAL
CVSS 9.8
In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption
Denial Of Service
RCE
Use After Free
Android
-
CVE-2025-7775
CRITICAL
CVSS 9.2
Citrix NetScaler ADC and Gateway contain a memory overflow vulnerability enabling remote code execution and denial of service when configured as VPN, AAA, or load balancing virtual servers.
Denial Of Service
Buffer Overflow
RCE
Citrix
Netscaler Application Delivery Controller
-
CVE-2024-39335
CRITICAL
CVSS 9.1
Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Mahara
-
CVE-2025-55443
CRITICAL
CVSS 9.1
Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Google
Information Disclosure
Telpo Mdm
Android
-
CVE-2025-41702
CRITICAL
CVSS 9.8
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
-
CVE-2025-0075
CRITICAL
CVSS 9.8
In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary code due to a use after free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption
Denial Of Service
RCE
Use After Free
Android
-
CVE-2025-0074
CRITICAL
CVSS 9.8
In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption
Denial Of Service
RCE
Use After Free
Android
-
CVE-2025-57820
HIGH
CVSS 7.9
Svelte devalue is a utility library. Rated high severity (CVSS 7.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Prototype Pollution
Information Disclosure
-
CVE-2025-57810
HIGH
CVSS 8.7
jsPDF is a library to generate PDFs in JavaScript. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Denial Of Service
Jspdf
Redhat
-
CVE-2025-57803
HIGH
CVSS 7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
Heap Overflow
Buffer Overflow
Imagemagick
Redhat
Suse
-
CVE-2025-55298
HIGH
CVSS 7.5
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
RCE
Imagemagick
Redhat
Suse
-
CVE-2025-53419
HIGH
CVSS 7.8
Delta Electronics COMMGR has a Code Injection vulnerability. Rated high severity (CVSS 7.8), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
RCE
Code Injection
-
CVE-2025-53418
HIGH
CVSS 8.6
Delta Electronics COMMGR has a Stack-based Buffer Overflow vulnerability. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Buffer Overflow
Stack Overflow
-
CVE-2025-52218
HIGH
CVSS 7.5
SelectZero Data Observability Platform before 2025.5.2 is vulnerable to Content Spoofing / Text Injection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
Code Injection
Selectzero
-
CVE-2025-50971
HIGH
CVSS 7.5
Directory traversal vulnerability in AbanteCart version 1.4.2 allows unauthenticated attackers to gain access to sensitive system files via the template parameter to index.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
Path Traversal
Abantecart
-
CVE-2025-50753
HIGH
CVSS 8.4
Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell. The command "deviceinfo show file" is supposed to be used from the restricted shell to show files. Rated high severity (CVSS 8.4), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Privilege Escalation
-
CVE-2025-38676
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline. While the kernel command line is considered trusted in most. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries, leading to code execution or crashes.
Memory Corruption
Amd
Buffer Overflow
Linux
Linux Kernel
-
CVE-2025-36729
HIGH
CVSS 7.2
A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Privilege Escalation
-
CVE-2025-35114
HIGH
CVSS 8.7
Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Privilege Escalation
Agiloft
-
CVE-2025-29992
HIGH
CVSS 7.5
Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Mahara
-
CVE-2025-29901
HIGH
CVSS 7.1
A NULL pointer dereference vulnerability has been reported to affect File Station 5. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Denial Of Service
Null Pointer Dereference
File Station
-
CVE-2025-23315
HIGH
CVSS 7.8
NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Nvidia
Code Injection
Information Disclosure
Nemo
-
CVE-2025-23314
HIGH
CVSS 7.8
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Nvidia
Code Injection
Information Disclosure
Nemo
-
CVE-2025-23313
HIGH
CVSS 7.8
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Nvidia
Code Injection
Information Disclosure
Nemo
-
CVE-2025-23312
HIGH
CVSS 7.8
NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Nvidia
Code Injection
Information Disclosure
Nemo
-
CVE-2025-23307
HIGH
CVSS 7.8
NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Nvidia
Code Injection
Information Disclosure
Nemo Curator
-
CVE-2025-22412
HIGH
CVSS 8.8
In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. Rated high severity (CVSS 8.8), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
Denial Of Service
RCE
Use After Free
Android
-
CVE-2025-22411
HIGH
CVSS 8.8
In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. Rated high severity (CVSS 8.8), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
Denial Of Service
RCE
Use After Free
Android
-
CVE-2025-22410
HIGH
CVSS 8.4
In multiple locations, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
RCE
Use After Free
Denial Of Service
Privilege Escalation
-
CVE-2025-22409
HIGH
CVSS 8.4
In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
RCE
Use After Free
Denial Of Service
Privilege Escalation
-
CVE-2025-22406
HIGH
CVSS 8.4
In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. Rated high severity (CVSS 8.4), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
RCE
Use After Free
Denial Of Service
Privilege Escalation
-
CVE-2025-22405
HIGH
CVSS 8.4
In multiple locations, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
RCE
Use After Free
Denial Of Service
Privilege Escalation
-
CVE-2025-22404
HIGH
CVSS 8.4
In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
RCE
Use After Free
Denial Of Service
Privilege Escalation
-
CVE-2025-9483
HIGH
CVSS 7.4
A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow
Linksys
Re6500 Firmware
Re6250 Firmware
Re6300 Firmware
-
CVE-2025-9482
HIGH
CVSS 7.4
A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow
Linksys
Re6250 Firmware
Re6300 Firmware
Re6350 Firmware
-
CVE-2025-9481
HIGH
CVSS 7.4
A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow
Linksys
Re6250 Firmware
Re6300 Firmware
Re6350 Firmware
-
CVE-2025-9478
HIGH
CVSS 8.8
Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory Corruption
Google
Denial Of Service
Use After Free
Chrome
-
CVE-2025-9443
HIGH
CVSS 7.4
A flaw has been found in Tenda CH22 1.0.0.1. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow
Tenda
Ch22 Firmware
-
CVE-2025-9172
HIGH
CVSS 7.5
The Vibes plugin for WordPress is vulnerable to time-based SQL Injection via the ‘resource’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
WordPress
SQLi
PHP
-
CVE-2025-8447
HIGH
CVSS 7.0
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Authentication Bypass
Enterprise Server
-
CVE-2025-8424
HIGH
CVSS 8.7
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP. Rated high severity (CVSS 8.7), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Information Disclosure
Citrix
-
CVE-2025-7776
HIGH
CVSS 8.8
Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial Of Service
Buffer Overflow
Citrix
Netscaler Application Delivery Controller
Netscaler Gateway
-
CVE-2025-6366
HIGH
CVSS 8.8
The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
WordPress
Privilege Escalation
PHP
-
CVE-2025-5931
HIGH
CVSS 8.8
The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
WordPress
Privilege Escalation
PHP
-
CVE-2025-2697
HIGH
CVSS 7.4
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM
Open Redirect
Cognos Command Center
-
CVE-2025-1994
HIGH
CVSS 7.8
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to unsafe use of the BinaryFormatter function. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
IBM
Cognos Command Center
-
CVE-2025-0093
HIGH
CVSS 7.5
In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Android
Google
-
CVE-2025-0084
HIGH
CVSS 8.8
In multiple locations, there is a possible out of bounds write due to a use after free. Rated high severity (CVSS 8.8), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Memory Corruption
Buffer Overflow
RCE
Use After Free
Denial Of Service
-
CVE-2025-0081
HIGH
CVSS 7.5
In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial Of Service
Android
Google
-
CVE-2025-0080
HIGH
CVSS 7.8
In multiple locations, there is a possible way to overlay the installation confirmation dialog due to a tapjacking/overlay attack. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
Privilege Escalation
Android
Google
-
CVE-2025-0079
HIGH
CVSS 7.8
In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability has low attack complexity. No vendor patch available.
Privilege Escalation
Android
Google
-
CVE-2025-0078
HIGH
CVSS 8.8
In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Privilege Escalation
Android
Google
-
CVE-2024-47853
HIGH
CVSS 8.8
An issue was discovered in Mahara 23.04.8 and 24.04.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Privilege Escalation
Mahara
-
CVE-2025-57818
MEDIUM
CVSS 6.3
Firecrawl turns entire websites into LLM-ready markdown or structured data. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
SSRF
-
CVE-2025-57813
MEDIUM
CVSS 5.9
traQ is a messenger application built for Digital Creators Club traP. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.
Information Disclosure
-
CVE-2025-57704
MEDIUM
CVSS 5.5
Delta Electronics EIP Builder version 1.11 is vulnerable to a File Parsing XML External Entity Processing Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
XXE
Information Disclosure
-
CVE-2025-57425
MEDIUM
CVSS 6.1
A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
XSS
Faq Management System
-
CVE-2025-56432
MEDIUM
CVSS 6.1
A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XSS
Nagios Xi
-
CVE-2025-53813
MEDIUM
CVSS 4.8
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency,. Rated medium severity (CVSS 4.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Apple
Privilege Escalation
macOS
-
CVE-2025-53811
MEDIUM
CVSS 4.8
The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC (Transparency,. Rated medium severity (CVSS 4.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Apple
Privilege Escalation
macOS
-
CVE-2025-52219
MEDIUM
CVSS 6.5
SelectZero Data Observability Platform before 2025.5.2 contains an Open Redirect vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Open Redirect
Selectzero
-
CVE-2025-52217
MEDIUM
CVSS 5.4
SelectZero Data Observability Platform before 2025.5.2 is vulnerable to HTML Injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XSS
Selectzero
-
CVE-2025-52184
MEDIUM
CVSS 6.1
Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Helpy
-
CVE-2025-52037
MEDIUM
CVSS 6.1
A vulnerability has been found in NotesCMS and classified as medium. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
PHP
XSS
Notescms
-
CVE-2025-52036
MEDIUM
CVSS 6.1
A vulnerability has been found in NotesCMS and classified as medium. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
XSS
Notescms
-
CVE-2025-52035
MEDIUM
CVSS 6.1
A vulnerability in NotesCMS and specifically in the page /index.php?route=notes. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
XSS
Notescms
-
CVE-2025-50976
MEDIUM
CVSS 6.1
IPFire 2.29 DNS management interface (dns.cgi) fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters, resulting in a reflected cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Ipfire
-
CVE-2025-50975
MEDIUM
CVSS 5.4
IPFire 2.29 web-based firewall interface (firewall.cgi) fails to sanitize several rule parameters such as PROT, SRC_PORT, TGT_PORT, dnatport, key, ruleremark, src_addr, std_net_tgt, and tgt_addr,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Ipfire
-
CVE-2025-50974
MEDIUM
CVSS 6.5
The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Command Injection
Ipfire
-
CVE-2025-48108
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Mojoomla School Management allows Exploiting Incorrectly Configured Access Control Security Levels.2.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Authentication Bypass
Joomla
-
CVE-2025-44002
MEDIUM
CVSS 6.1
Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior to version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges,. Rated medium severity (CVSS 6.1), this vulnerability has low attack complexity. No vendor patch available.
Microsoft
Information Disclosure
Windows
-
CVE-2025-35113
MEDIUM
CVSS 4.8
Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
RCE
Ssti
Agiloft
-
CVE-2025-26417
MEDIUM
CVSS 4.0
In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. Rated medium severity (CVSS 4.0), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Information Disclosure
Android
Google
-
CVE-2025-25737
MEDIUM
CVSS 6.8
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User. Rated medium severity (CVSS 6.8), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
Authentication Bypass
Brute Force
Ris 9160 Firmware
Ris 9260 Firmware
-
CVE-2025-25736
MEDIUM
CVSS 6.8
Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb). Rated medium severity (CVSS 6.8), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
Authentication Bypass
Google
Ris 9160 Firmware
Ris 9260 Firmware
Android
-
CVE-2025-25735
MEDIUM
CVSS 4.6
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with. Rated medium severity (CVSS 4.6), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Ris 9160 Firmware
Ris 9260 Firmware
-
CVE-2025-25734
MEDIUM
CVSS 6.8
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain an unauthenticated EFI shell which allows attackers to execute. Rated medium severity (CVSS 6.8), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
Authentication Bypass
RCE
Ris 9160 Firmware
Ris 9260 Firmware
-
CVE-2025-25732
MEDIUM
CVSS 6.8
Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password. Rated medium severity (CVSS 6.8), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
Privilege Escalation
Ris 9160 Firmware
Ris 9260 Firmware
-
CVE-2025-22413
MEDIUM
CVSS 4.0
In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Privilege Escalation
Information Disclosure
Android
Google
Suse
-
CVE-2025-22407
MEDIUM
CVSS 5.5
In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability has low attack complexity. No vendor patch available.
Memory Corruption
RCE
Use After Free
Denial Of Service
Information Disclosure
-
CVE-2025-9492
MEDIUM
CVSS 6.9
A vulnerability was determined in Campcodes Online Water Billing System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Online Water Billing System
-
CVE-2025-9491
MEDIUM
CVSS 4.6
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. Rated medium severity (CVSS 4.6), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
RCE
Microsoft
Windows 11 23h2
Windows
-
CVE-2025-9476
MEDIUM
CVSS 6.9
A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Authentication Bypass
PHP
File Upload
Human Resource Information System
-
CVE-2025-9475
MEDIUM
CVSS 6.9
A flaw has been found in SourceCodester Human Resource Information System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Authentication Bypass
PHP
File Upload
Human Resource Information System
-
CVE-2025-9473
MEDIUM
CVSS 6.9
A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Online Bank Management System
-
CVE-2025-9472
MEDIUM
CVSS 6.9
A vulnerability was found in itsourcecode Apartment Management System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Apartment Management System
-
CVE-2025-9471
MEDIUM
CVSS 6.9
A vulnerability has been found in itsourcecode Apartment Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Apartment Management System
-
CVE-2025-9470
MEDIUM
CVSS 6.9
A flaw has been found in itsourcecode Apartment Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Apartment Management System
-
CVE-2025-9469
MEDIUM
CVSS 6.9
A vulnerability was detected in itsourcecode Apartment Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Apartment Management System
-
CVE-2025-9468
MEDIUM
CVSS 6.9
A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Apartment Management System
-
CVE-2025-9461
MEDIUM
CVSS 5.3
A weakness has been identified in diyhi bbs up to 6.8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Java
Information Disclosure
Bbs
-
CVE-2025-9444
MEDIUM
CVSS 6.9
A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
SQLi
Online Student Project Report Submission And Evaluation System
-
CVE-2025-9440
MEDIUM
CVSS 5.3
A security vulnerability has been detected in 1000projects Online Project Report Submission and Evaluation System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
XSS
Online Student Project Report Submission And Evaluation System
-
CVE-2025-9439
MEDIUM
CVSS 5.3
A weakness has been identified in 1000projects Online Project Report Submission and Evaluation System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
XSS
Online Student Project Report Submission And Evaluation System
-
CVE-2025-9438
MEDIUM
CVSS 5.3
A security flaw has been discovered in 1000projects Online Project Report Submission and Evaluation System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
XSS
Online Student Project Report Submission And Evaluation System
-
CVE-2025-9434
MEDIUM
CVSS 5.3
A vulnerability was determined in 1000projects Online Project Report Submission and Evaluation System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
XSS
Online Student Project Report Submission And Evaluation System
-
CVE-2025-9433
MEDIUM
CVSS 5.3
A vulnerability was found in mtons mblog up to 3.5.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Mblog
-
CVE-2025-9432
MEDIUM
CVSS 5.3
A vulnerability has been found in mtons mblog up to 3.5.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Mblog
-
CVE-2025-9431
MEDIUM
CVSS 5.3
A flaw has been found in mtons mblog up to 3.5.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Mblog
-
CVE-2025-9430
MEDIUM
CVSS 4.8
A vulnerability was detected in mtons mblog up to 3.5.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Mblog
-
CVE-2025-9429
MEDIUM
CVSS 5.1
A security vulnerability has been detected in mtons mblog up to 3.5.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Mblog
-
CVE-2025-9277
MEDIUM
CVSS 6.4
The SiteSEO - SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken preg_replace expression in all versions up to, and including, 1.2.7 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
WordPress
XSS
PHP
-
CVE-2025-9190
MEDIUM
CVSS 4.8
The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency,. Rated medium severity (CVSS 4.8), this vulnerability has low attack complexity. No vendor patch available.
RCE
Apple
Privilege Escalation
macOS
-
CVE-2025-8700
MEDIUM
CVSS 4.8
Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. Rated medium severity (CVSS 4.8), this vulnerability has low attack complexity. No vendor patch available.
Authentication Bypass
Apple
macOS
-
CVE-2025-8597
MEDIUM
CVSS 4.8
MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. Rated medium severity (CVSS 4.8), this vulnerability has low attack complexity. No vendor patch available.
Authentication Bypass
Apple
macOS
-
CVE-2025-6247
MEDIUM
CVSS 4.7
The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
WordPress
CSRF
XSS
PHP
-
CVE-2025-1501
MEDIUM
CVSS 5.3
An access control vulnerability was discovered in the Request Trace and Download Trace functionalities of CMC before 25.1.0 due to a specific access restriction not being properly enforced for users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Authentication Bypass
-
CVE-2025-1494
MEDIUM
CVSS 6.1
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM
XSS
Cognos Command Center
-
CVE-2025-0092
MEDIUM
CVSS 6.5
In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Android
Google
-
CVE-2025-0086
MEDIUM
CVSS 6.2
In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. Rated medium severity (CVSS 6.2), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Authentication Bypass
Information Disclosure
Android
Google
-
CVE-2025-0083
MEDIUM
CVSS 4.0
In multiple locations, there is a possible way to access content across user profiles due to URI double encoding. Rated medium severity (CVSS 4.0), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
Information Disclosure
Android
Google
-
CVE-2025-0082
MEDIUM
CVSS 5.5
In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to reveal images across users due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability has low attack complexity. No vendor patch available.
Information Disclosure
Java
Android
Google
-
CVE-2024-49740
MEDIUM
CVSS 5.5
In multiple locations, there is a possible crash loop due to resource exhaustion. Rated medium severity (CVSS 5.5), this vulnerability has low attack complexity. No vendor patch available.
Denial Of Service
Android
Google
-
CVE-2024-47192
MEDIUM
CVSS 5.3
An issue was discovered in Mahara 23.04.8 and 24.04.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Mahara
-
CVE-2024-45753
MEDIUM
CVSS 6.1
In Mahara 23.04.8 and 24.04.4, the external RSS feed block can cause XSS if the external feed XML has a malicious value for the link attribute. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XSS
Mahara
-
CVE-2024-35203
MEDIUM
CVSS 6.1
Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting (XSS) via a file, with JavaScript code as part of its name, that is uploaded via the Mahara filebrowser system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XSS
Mahara
-
CVE-2024-8860
MEDIUM
CVSS 4.3
The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tf_order_status_email_resend_function, tf_visitor_details_edit_function,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Authentication Bypass
WordPress
-
CVE-2025-55212
LOW
CVSS 3.7
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.
Denial Of Service
Imagemagick
-
CVE-2025-35112
LOW
CVSS 2.0
Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XXE
Path Traversal
Agiloft
-
CVE-2025-25733
LOW
CVSS 3.5
Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers. Rated low severity (CVSS 3.5), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Ris 9160 Firmware
Ris 9260 Firmware
-
CVE-2025-9474
LOW
CVSS 2.0
A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Rated low severity (CVSS 2.0). Public exploit code available and no vendor patch available.
Apple
Information Disclosure
macOS