21 CVEs tracked today. 2 Critical, 1 High, 8 Medium, 10 Low.
-
CVE-2025-35051
CRITICAL
CVSS 9.2
Remote code execution in Newforma Project Center Server (NPCS) 2024.3 allows unauthenticated attackers to execute arbitrary code with NT AUTHORITY\NetworkService privileges by sending malicious serialized .NET data to the '/ProjectCenter.rem' endpoint on TCP port 9003. The vulnerability stems from insecure deserialization of untrusted data on a network-exposed endpoint. While vendor architecture recommends internal-only deployment, the service accepts network connections without authentication (CVSS AV:N/PR:N), creating critical risk for organizations with exposed instances. CWE-306 (Missing Authentication) confirms the root cause as lack of authentication controls on a sensitive endpoint.
Authentication Bypass
RCE
Project Center
-
CVE-2025-11522
CRITICAL
CVSS 9.8
Unauthenticated attackers bypass authentication and gain complete account access, including administrator privileges, in Search & Go - Directory WordPress Theme versions ≤2.7 when Facebook login functionality is enabled. Exploitation requires no user interaction and no authentication. The vulnerability stems from insufficient user validation in the search_and_go_elated_check_facebook_user() function, allowing arbitrary account takeover. No public exploit identified at time of analysis. This issue is remotely exploitable over the network with low attack complexity.
WordPress
Authentication Bypass
-
CVE-2025-11561
HIGH
CVSS 8.8
A privilege escalation vulnerability exists in the integration between Active Directory and the System Security Services Daemon (SSSD) on Linux systems, where an attacker with permissions to modify AD attributes can impersonate privileged users by exploiting a fallback mechanism in the Kerberos authentication plugin. The vulnerability affects domain-joined Linux hosts running SSSD in default configurations and allows attackers to gain unauthorized access with high privileges. With a low EPSS score of 0.05% and no KEV listing, this appears to be a theoretical risk requiring existing AD permissions rather than an actively exploited vulnerability.
Authentication Bypass
Privilege Escalation
Linux
Red Hat
Suse
-
CVE-2025-11558
MEDIUM
CVSS 5.5
A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Manipulation of the argument Search results in SQL injection. The attack can be carried out remotely. The exploit has been made public an...
PHP
SQLi
E Commerce Website
-
CVE-2025-11557
MEDIUM
CVSS 5.5
A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Manipulation of the argument fullname leads to SQL injection. The attack can be executed remotely. The exploit has been disclosed to the public ...
PHP
SQLi
Gate Pass Management System
-
CVE-2025-11556
MEDIUM
CVSS 5.5
A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. Manipulation of the argument table causes SQL injection. The attack can be exploited remotely. The exploit has been published and may be used.
PHP
SQLi
Simple Leave Manager
-
CVE-2025-11555
MEDIUM
CVSS 5.5
A vulnerability was detected in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/calendar_of_events.php. Manipulation of the argument date_start results in SQL injection. The attack may be launched remotely. The exploit is now public and may be use...
PHP
SQLi
Online Learning Management System
-
CVE-2025-11550
MEDIUM
CVSS 5.7
A vulnerability was found in Tenda W12 3.0.0.6(3948). The impacted element is the function wifiScheduledSet of the file /goform/modules in the component HTTP Request Handler. Manipulation of the argument wifiScheduledSet results in a null pointer dereference. The attack may be performed from remot...
Denial Of Service
Tenda
W12 Firmware
-
CVE-2025-11529
MEDIUM
CVSS 5.5
A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php in the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit has...
PHP
Authentication Bypass
Churchcrm
-
CVE-2025-11513
MEDIUM
CVSS 5.5
A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplier_update.php. Manipulation of the argument supp_id causes SQL injection. The attack can be carried out remotely. The exploit has been publicly disclosed and ...
PHP
SQLi
E Commerce Website
-
CVE-2025-4615
MEDIUM
CVSS 5.5
Improper input neutralization in Palo Alto Networks PAN-OS management web interface allows authenticated high-privilege administrators to bypass system restrictions and execute arbitrary commands through command injection. The vulnerability affects PAN-OS across multiple versions (specific version ranges not independently confirmed from provided data), with a low EPSS exploitation probability (0.06%, 17th percentile) and no confirmed active exploitation or public proof-of-concept. Risk is significantly reduced when CLI access is restricted to a limited administrator group; Cloud NGFW and Prisma Access are unaffected.
Authentication Bypass
RCE
Command Injection
Paloalto
Pan Os
-
CVE-2025-11554
LOW
CVSS 2.1
Insecure inherited permissions in Portabilis i-Educar up to version 2.9.10 allow authenticated remote attackers to escalate privileges through the User Type Handler component in AccessLevelController.php, potentially gaining unauthorized access to protected functionality. The vulnerability requires valid login credentials (PR:L) but carries low confidentiality, integrity, and availability impact (VC:L/VI:L/VA:L). Publicly available exploit code exists, though EPSS score of 0.06% (19th percentile) suggests limited real-world exploitation despite public disclosure.
PHP
Information Disclosure
I Educar
-
CVE-2025-11553
LOW
CVSS 2.1
SQL injection vulnerability in Courier Management System 1.0 allows authenticated remote attackers to manipulate the Shippername parameter in /add-courier.php, enabling database queries to be executed with limited confidentiality and integrity impact. The publicly available exploit code and low CVSS score (2.1) reflect the requirement for valid authentication credentials, limiting real-world risk despite confirmed exploit availability.
PHP
SQLi
Courier Management System
-
CVE-2025-11552
LOW
CVSS 2.1
SQL injection in code-projects Online Complaint Site 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the Category parameter in /admin/category.php, with publicly available exploit code. CVSS score of 2.1 reflects limited confidentiality impact and requirement for low-privilege authentication; EPSS of 0.03% indicates very low real-world exploitation probability despite public POC availability.
PHP
SQLi
Online Complaint Site
-
CVE-2025-11551
LOW
CVSS 2.1
SQL injection in code-projects Student Result Manager 1.0 allows authenticated remote attackers to manipulate roll, name, or GPA parameters in Database.java, resulting in limited confidentiality, integrity, and availability impact. The vulnerability requires valid login credentials and has been publicly disclosed with exploit code available, but carries very low exploitation probability (EPSS 0.03%) and minimal security impact due to restricted scope.
SQLi
Student Result Manager
-
CVE-2025-11530
LOW
CVSS 2.1
SQL injection in Online Complaint Site 1.0 allows authenticated remote attackers to manipulate the state parameter in /cms/admin/state.php, enabling data exfiltration or modification with limited scope. Publicly available exploit code exists; however, the CVSS 2.1 score and 0.03% EPSS percentile indicate low real-world exploitation risk despite the presence of proof-of-concept.
PHP
SQLi
Online Complaint Site
-
CVE-2025-11523
LOW
CVSS 2.1
Command injection in Tenda AC7 firmware 15.03.06.44 via the /goform/AdvSetLanip endpoint allows authenticated remote attackers to execute arbitrary commands with low impact on confidentiality, integrity, and availability. The vulnerability requires valid login credentials (PR:L) and affects the lanIp parameter. Publicly available exploit code exists, and EPSS scoring of 0.39% indicates low real-world exploitation probability despite public POC availability.
Command Injection
Tenda
Ac7 Firmware
-
CVE-2025-11516
LOW
CVSS 2.1
SQL injection in code-projects Online Complaint Site 1.0 allows authenticated remote attackers to manipulate the cid parameter in /cms/users/complaint-details.php, leading to limited data exposure. The vulnerability requires valid user authentication and has a publicly available proof-of-concept, but the EPSS score of 0.03% and CVSS impact metrics (VC:L/VI:L/VA:L) indicate low real-world exploitation probability despite public availability of exploit code.
PHP
SQLi
Online Complaint Site
-
CVE-2025-11515
LOW
CVSS 2.1
SQL injection in code-projects Online Complaint Site 1.0 allows authenticated remote attackers to manipulate the cid parameter in /cms/users/register-complaint.php, resulting in limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the EPSS score of 0.03% and requirement for prior authentication significantly constrain real-world exploitation risk compared to the CVSSv4 score of 2.1.
PHP
SQLi
Online Complaint Site
-
CVE-2025-11514
LOW
CVSS 2.1
SQL injection in code-projects Online Complaint Site 1.0 allows authenticated remote attackers to manipulate the Username parameter in /cms/users/index.php and execute arbitrary SQL queries with limited impact to confidentiality, integrity, and availability. The CVSS 2.1 score and 0.03% EPSS percentile indicate low real-world risk despite public exploit availability, likely due to the authentication requirement (PR:L) and constrained impact scope.
PHP
SQLi
Online Complaint Site
-
CVE-2025-11512
LOW
CVSS 2.1
Stored cross-site scripting (XSS) in code-projects Voting System 1.0 allows remote attackers to inject malicious scripts via the Firstname, Lastname, or Platform parameters in /admin/voters_add.php, requiring user interaction to trigger payload execution. The vulnerability has a low CVSS score (2.1) because of the user-interaction (UI) requirement, but publicly available exploit code exists and the attack requires no authentication or special configuration.
PHP
XSS
Voting System