Skip to main content
CVE-2025-55190 CRITICAL POC PATCH Act Now

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Kubernetes Information Disclosure Argo Cd Red Hat Suse
NVD GitHub
CVSS 3.1
9.9
EPSS
4.0%
CVE-2025-54914 CRITICAL Act Now

Azure Networking Elevation of Privilege Vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Azure Networking
NVD
CVSS 3.1
10.0
EPSS
0.2%
CVE-2025-7385 CRITICAL Act Now

Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-55244 CRITICAL This Week

Azure Bot Service Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Azure Ai Bot Service
NVD
CVSS 3.1
9.0
EPSS
0.1%
CVE-2025-55241 CRITICAL This Week

Azure Entra ID Elevation of Privilege Vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Entra Id
NVD
CVSS 3.1
10.0
EPSS
0.1%
CVE-2025-58361 CRITICAL This Week

Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
9.3
EPSS
0.0%
CVE-2025-8311 CRITICAL POC Act Now

dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the /api/v1/contenttype endpoint. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation SQLi
NVD Exploit-DB
CVSS 4.0
9.4
EPSS
1.5%
CVE-2025-58357 CRITICAL POC Act Now

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 5ire
NVD GitHub
CVSS 3.1
9.6
EPSS
0.1%
CVE-2025-36904 CRITICAL This Week

WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396458384. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-36897 CRITICAL This Week

In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Android Google
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-36896 CRITICAL This Week

WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-36890 CRITICAL This Week

Elevation of Privilege. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
9.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy