24 CVEs tracked today. 0 Critical, 0 High, 3 Medium, 21 Low.
-
CVE-2025-11309
MEDIUM
CVSS 5.5
A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Impacted is the function doFilter of the file findDeptPage.do. Performing manipulation of the argument sort results in sql injection. It is possible to initiate the attack remotely. The exploit ...
SQLi
Data Leakage Prevention System
-
CVE-2025-11287
MEDIUM
CVSS 5.5
A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available and...
Authentication Bypass
Mcphub
-
CVE-2025-11284
MEDIUM
CVSS 5.5
A vulnerability has been found in Zytec Dalian Zhuoyun Technology Central Authentication Service 3. Affected by this vulnerability is an unknown functionality of the file /index.php/auth/Ops/git of the component HTTP Header Handler. The manipulation of the argument Authorization leads to use of hard...
PHP
Authentication Bypass
-
CVE-2025-11308
LOW
CVSS 2.0
Stored cross-site scripting in Vanderlande Baggage 360 7.0.0 allows authenticated remote attackers to inject malicious scripts via the Message parameter in the /api-addons/v1/messages endpoint, affecting integrity of stored data and potentially compromising user sessions when victims view poisoned messages. Exploitation requires user interaction (victim must view the message) and valid login credentials. Publicly available exploit code exists; EPSS score of 0.03% indicates low baseline exploitation probability despite public POC, suggesting the vulnerability requires specific triggering conditions or limited exposure in real deployments.
XSS
-
CVE-2025-11306
LOW
CVSS 2.1
Reflected cross-site scripting (XSS) in qianfox FoxCMS up to version 1.2 allows remote unauthenticated attackers to inject malicious JavaScript through the keyword parameter in the Search Page component (/index.php/Search). The vulnerability requires user interaction (clicking a malicious link) and results in integrity impact via session hijacking or credential theft. Exploit code is publicly available on GitHub, though EPSS scoring (0.03%) suggests limited real-world exploitation activity.
PHP
XSS
Foxcms
-
CVE-2025-11304
LOW
CVSS 2.1
Mentor LMS up to version 1.1.1 allows permissive cross-domain policies with untrusted domains through an unspecified API component, enabling information disclosure via remote unauthenticated requests with user interaction. The CVSS 2.1 score reflects limited confidentiality impact; however, EPSS indicates very low real-world exploitation probability (0.02nd percentile), and the vulnerability requires user interaction, substantially limiting practical risk despite publicly available exploit code.
Information Disclosure
-
CVE-2025-11303
LOW
CVSS 2.1
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the command argument in the /goform/mp endpoint. The vulnerability requires valid user credentials but offers minimal impact due to restricted capabilities (low confidentiality, integrity, and availability effects). Publicly available exploit code exists, though EPSS scoring (0.20%) indicates limited real-world exploitation probability despite public availability.
Command Injection
F9K1015 Firmware
-
CVE-2025-11298
LOW
CVSS 2.1
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the m_wan_ipaddr parameter in the /goform/formSetWanStatic endpoint. The vulnerability has publicly available exploit code and has been disclosed despite vendor non-responsiveness. With a CVSS score of 2.1 and EPSS percentile of 42%, real-world risk is low due to authentication requirement and limited impact scope, though the public POC and command injection nature warrant monitoring.
Command Injection
F9K1015 Firmware
-
CVE-2025-11292
LOW
CVSS 2.1
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the wan_ipaddr parameter in the /goform/formBSSetSitesurvey endpoint. The vulnerability requires valid credentials and has limited scope (low confidentiality, integrity, and availability impact on the vulnerable component), but publicly available exploit code exists and the vendor has not responded to disclosure efforts.
Command Injection
F9K1015 Firmware
-
CVE-2025-11291
LOW
CVSS 2.1
Cross-site scripting (XSS) in ixmaps website2017 via unsanitized trid parameter in /map.php HTTP GET requests allows remote attackers to inject arbitrary JavaScript that executes in users' browsers with user interaction. The vulnerability affects an unknown version up to commit 0c71cffa0162186bc057a76766bc97e9f5a3a2d0, exploit code has been publicly released, and the vendor has not responded to disclosure notifications. CVSS 2.1 (Low) reflects minimal confidentiality impact and required user interaction, though EPSS 0.03% indicates low real-world exploitation probability.
PHP
XSS
-
CVE-2025-11290
LOW
CVSS 2.9
CRMEB up to version 5.6.1 uses a hard-coded cryptographic key in its JWT HMAC Secret Handler when the secret argument defaults to a known value, allowing remote attackers to forge JWT tokens and bypass authentication. Despite a low CVSS score of 2.9 reflecting high attack complexity, public exploit code exists and the vendor has not responded to disclosure. The practical impact depends on how JWT validation is implemented in the application stack.
Information Disclosure
Crmeb
-
CVE-2025-11289
LOW
CVSS 1.9
Stored cross-site scripting (XSS) in westboy CicadasCMS Template Management Page allows high-privileged users to inject malicious scripts via the Save function in TemplateFileServiceImpl.java, affecting downstream users who interact with stored templates. The vulnerability requires high privileges and user interaction but carries CVSS 1.9 due to minimal integrity impact; however, publicly available exploit code exists, indicating real disclosure despite extremely low exploitation probability (EPSS 0.03%).
XSS
Java
Cicadascms
-
CVE-2025-11288
LOW
CVSS 2.1
SQL injection in CRMEB up to version 5.6 allows authenticated remote attackers to manipulate the cate_id parameter in GET requests to the /adminapi/product/product endpoint, potentially leading to unauthorized data access or modification. The vulnerability requires valid login credentials and has limited technical impact according to CVSS 4.0 (integrity and availability scope unchanged), but publicly available exploit code exists and the vendor has not responded to disclosure.
SQLi
Crmeb
-
CVE-2025-11286
LOW
CVSS 2.0
Server-side request forgery (SSRF) in MCPHub up to version 0.9.10 allows authenticated high-privilege users to manipulate the baseUrl argument in the MCPRouter Service, enabling arbitrary HTTP requests from the server. The vulnerability requires high privilege level and has publicly available proof-of-concept code, though EPSS analysis suggests limited real-world exploitation probability despite active public disclosure.
SSRF
Mcphub
-
CVE-2025-11285
LOW
CVSS 2.1
OS command injection in MCPHub up to version 0.9.10 allows authenticated remote attackers to execute arbitrary system commands via manipulation of command/args parameters in serverController.ts. The vulnerability has a low CVSS score (2.1) due to requirement for authenticated access and limited scope impact, but carries elevated real-world risk given publicly available exploit code and vendor non-responsiveness. EPSS score of 0.25% suggests limited current exploitation activity despite POC availability.
Command Injection
Mcphub
-
CVE-2025-11283
LOW
CVSS 1.9
Cross-site scripting (XSS) in Frappe LMS 2.35.0 Course Handler allows authenticated users with high privileges to inject malicious scripts via the Description argument during course creation or modification; exploitation requires user interaction and results in integrity impact to stored content. The vulnerability has publicly available exploit code and a CVSS score of 1.9, indicating minimal real-world risk despite XSS classification; active exploitation probability (EPSS 0.07%) also remains very low, suggesting this is a low-priority vulnerability except in multi-tenant environments where malicious admins pose insider threats.
XSS
Learning
-
CVE-2025-11282
LOW
CVSS 1.9
Frappe LMS versions 2.34.x and 2.35.0 contain a cross-site scripting (XSS) vulnerability in an incomplete fix for CVE-2025-55006, allowing authenticated remote attackers with high privileges to inject malicious scripts that execute in user browsers. Publicly available exploit code exists, and while the CVSS score of 4.8 is moderate, the low EPSS percentile (21%) and requirement for privileged user interaction suggest limited real-world exploitation likelihood despite public disclosure.
XSS
-
CVE-2025-11281
LOW
CVSS 1.3
Frappe LMS 2.35.0 contains improper access controls in the Unpublished Course Handler component at the /courses/ endpoint that allows authenticated remote attackers to access unauthorized information. The vulnerability requires high attack complexity and authenticated access, limiting real-world exploitation despite publicly available exploit code. CVSS 1.3 and EPSS 0.04% (11th percentile) indicate low practical risk despite public POC availability.
Information Disclosure
Learning
-
CVE-2025-11280
LOW
CVSS 2.9
Information disclosure vulnerability in Frappe LMS 2.35.0 allows remote unauthenticated attackers to access sensitive assignment picture data through direct requests to the /files/ endpoint with high attack complexity. The vulnerability carries a CVSS score of 2.9 with low confidentiality impact, and publicly available exploit code exists, though real-world exploitation risk remains minimal given the high complexity requirement and low EPSS score of 0.04%.
Information Disclosure
Learning
-
CVE-2025-11279
LOW
CVSS 2.0
CSV injection in Axosoft Scrum and Bug Tracking 22.1.1.11545 via the Title parameter on the Add Work Item Page allows authenticated users with UI interaction to inject malicious CSV formulas, resulting in low-impact data manipulation. The vulnerability requires user login and deliberate user interaction to exploit, limiting real-world risk despite public exploit availability and vendor non-responsiveness.
Code Injection
-
CVE-2025-11278
LOW
CVSS 2.1
Cross-site scripting (XSS) vulnerability in AllStarLink Supermon up to version 6.2 component AllMon2 allows remote attackers to inject malicious scripts via unknown vectors, with user interaction required. The vulnerability affects end-of-life products no longer receiving vendor support, and publicly available exploit code exists; however, EPSS exploitation probability is minimal at 0.02%, indicating limited real-world attack likelihood despite public disclosure.
XSS
-
CVE-2025-11277
LOW
CVSS 1.9
Heap-based buffer overflow in Assimp 6.0.2's Q3D file importer allows local authenticated users to cause memory corruption via crafted Q3D model files. The vulnerability affects the Q3DImporter::InternReadFile function and has publicly available exploit code, though real-world exploitation remains limited by the local-access and low-privilege requirements. CVSS 1.9 reflects minimal confidentiality, integrity, and availability impact despite the presence of a public POC.
Buffer Overflow
Assimp
-
CVE-2025-11275
LOW
CVSS 1.9
Heap-based buffer overflow in Open Asset Import Library Assimp 6.0.2 affects the ODDLParser::getNextSeparator function in OpenDDLParserUtils.h, allowing local attackers with low privileges to cause limited memory corruption. The vulnerability has a CVSS score of 1.9 with low confidentiality, integrity, and availability impact; publicly available exploit code exists, but EPSS indicates minimal real-world exploitation probability (0.02%, 6th percentile), suggesting this is a low-risk issue in practice despite the buffer overflow designation.
Buffer Overflow
Assimp
-
CVE-2025-11274
LOW
CVSS 1.9
Assimp 6.0.2 Q3D file parser mishandles resource allocation in the Q3DImporter::InternReadFile function, causing denial of service through uncontrolled memory consumption when processing malformed Q3D model files. A local authenticated attacker can trigger excessive memory allocation by providing a specially crafted Q3D file, leading to process crash or system resource exhaustion. Publicly available exploit code exists, though CVSS 1.9 and EPSS 0.03% indicate minimal real-world exploitation risk.
Denial Of Service
Assimp