Skip to main content
CVE-2025-61045 CRITICAL POC Act Now

Command injection in TOTOLINK X18 via mac parameter. EPSS 3.4%. PoC available.

Command Injection X18 Firmware TOTOLINK
NVD GitHub
CVSS 3.1
9.8
EPSS
3.4%
CVE-2025-61044 CRITICAL POC Act Now

Command injection in TOTOLINK X18 via agentName in setEasyMeshAgentCfg. EPSS 2.7%. PoC available.

Command Injection X18 Firmware TOTOLINK
NVD GitHub
CVSS 3.1
9.8
EPSS
2.7%
CVE-2025-59951 CRITICAL POC PATCH Act Now

Docker default credentials in Termix server management. PoC and patch available.

Nginx Docker Authentication Bypass Termix
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-61622 CRITICAL PATCH Act Now

Pickle deserialization RCE in pyfory 0.12.0-0.12.2 and pyfury 0.1.0-0.10.3.

RCE Deserialization Python Fory
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-8679 CRITICAL Act Now

Brute-force vulnerability in ExtremeGuest Essentials before 25.5.0.

Authentication Bypass Extremeguest Essentials
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-36852 CRITICAL Act Now

Unauthenticated database wipe in Custom Searchable Data Entry System WP plugin through 1.7.1.

WordPress Authentication Bypass
NVD
CVSS 3.1
9.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy