Skip to main content
CVE-2025-41701 HIGH This Month

An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Deserialization
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-9539 HIGH This Month

The AutomatorWP - Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation WordPress RCE Code Injection PHP
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-42933 HIGH This Month

When a user logs in via SAP Business One native client, the SLD backend service fails to enforce proper encryption of certain APIs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-42929 HIGH This Month

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization. Rated high severity (CVSS 8.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-42916 HIGH This Month

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization. Rated high severity (CVSS 8.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-10120 HIGH POC This Month

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac20 Firmware
NVD GitHub VulDB
CVSS 4.0
7.4
EPSS
0.4%
CVE-2025-58757 HIGH POC PATCH GHSA This Week

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Deserialization Medical Open Network For Ai
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy