Skip to main content
CVE-2025-10204 HIGH POC This Week

A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
7.1
EPSS
2.3%
CVE-2025-10392 HIGH This Month

A vulnerability was detected in Mercury KM08-708H GiGA WiFi Wave2 1.1.14. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
8.9
EPSS
0.1%
CVE-2025-59363 HIGH This Month

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-10385 HIGH This Month

A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
7.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy