Skip to main content
CVE-2025-34267 HIGH POC PATCH This Week

Authenticated remote code execution in FlowiseAI Flowise (v3.0.1 up to but not including 3.0.8, and later versions when 'ALLOW_BUILTIN_DEP' is enabled) lets a logged-in user break out of the nodevm sandbox by abusing the bundled Puppeteer and Playwright modules. Because a custom tool can specify an attacker-controlled browser binary path and launch parameters, executing that tool runs an arbitrary executable on the host outside the intended sandbox, yielding code execution in the host context. Publicly available exploit code exists; the flaw is not listed in CISA KEV, and it was mis-filed by the vendor as a duplicate of CVE-2025-26319 but is distinct.

RCE Command Injection Flowise
NVD GitHub
CVSS 4.0
8.4
EPSS
6.1%
CVE-2025-11721 CRITICAL PATCH Act Now

Remote code execution in Mozilla Firefox 143 and Thunderbird 143 allows unauthenticated network attackers to execute arbitrary code via memory corruption. The vulnerability stems from a memory safety bug (CWE-119 buffer overflow) exploitable without user interaction. CVSS score of 9.8 reflects critical severity with network-based attack vector, low complexity, and no privileges required. Vendor-released patches are available in Firefox 144 and Thunderbird 144. No public exploit identified at time of analysis, though Mozilla's assessment indicates the memory corruption is presumed exploitable with sufficient effort.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-11719 CRITICAL PATCH Act Now

Use-after-free memory corruption in Mozilla Thunderbird 143+ and Firefox allows remote code execution via malicious web extensions exploiting the native messaging API on Windows. CVSS 9.8 (critical) with network-based attack vector requiring no user interaction or authentication. Patched in Firefox 144 and Thunderbird 144. No public exploit identified at time of analysis, but CVSS metrics indicate high exploitability (AV:N/AC:L/PR:N/UI:N) with complete impact to confidentiality, integrity, and availability.

Memory Corruption Use After Free Buffer Overflow Mozilla Microsoft +3
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-11710 CRITICAL PATCH Act Now

Information disclosure in Mozilla Firefox and Thunderbird allows unauthenticated remote attackers to extract privileged browser process memory via malicious IPC messages from a compromised web content process. Affects Firefox <144, Firefox ESR <115.29 and <140.4, and Thunderbird <144 and <140.4. CVSS 9.8 indicates network-exploitable with no auth required, though actual exploitation requires first compromising a web content process. Vendor-released patches available (Firefox 144, Firefox ESR 115.29/140.4, Thunderbird 144/140.4). No public exploit identified at time of analysis; EPSS data not provided.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-11709 CRITICAL PATCH Act Now

Out-of-bounds memory corruption in Mozilla Firefox and Thunderbird allows unauthenticated remote attackers to achieve code execution via malicious WebGL texture operations. A compromised web content process can exploit manipulated WebGL textures to trigger out-of-bounds reads and writes in privileged browser processes, potentially leading to full system compromise. Affects Firefox <144, Firefox ESR <115.29 and <140.4, and Thunderbird <144 and <140.4. Vendor-released patches available across all affected product lines. CVSS 9.8 reflects network-accessible, no-authentication-required attack with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the specific Bugzilla reference (1989127) indicates detailed technical analysis exists.

Memory Corruption Mozilla Buffer Overflow Thunderbird Red Hat +1
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-11708 CRITICAL PATCH Act Now

Remote code execution in Mozilla Firefox (all versions prior to 144, ESR prior to 140.4) and Thunderbird (all versions prior to 144, ESR prior to 140.4) allows unauthenticated remote attackers to execute arbitrary code, disclose sensitive information, or cause denial of service through a use-after-free vulnerability in MediaTrackGraphImpl::GetInstance(). With a critical CVSS score of 9.8 and no authentication required, this memory corruption flaw represents a severe security risk. No public exploit identified at time of analysis, though EPSS data not available to assess exploitation probability.

Memory Corruption Mozilla Use After Free Information Disclosure Thunderbird +2
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-10610 CRITICAL Act Now

Blind SQL injection in SFS Consulting's Winsure platform (all versions through the 21.08.2025 release) allows remote unauthenticated attackers to manipulate backend database queries via crafted input. The flaw carries a CVSS 9.8 rating reflecting network-reachable, low-complexity exploitation with no privileges or user interaction required, and no public exploit identified at time of analysis. The advisory was issued by Turkey's national CERT (USOM), suggesting regional relevance to Turkish insurance-sector deployments.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-11736 MEDIUM POC This Month

A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.

PHP SQLi Online Examination System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-11717 CRITICAL PATCH Act Now

Firefox for Android leaks password-related screen content through the Android task switcher card carousel, exposing sensitive information to local attackers with physical or remote access to the device. Affects Firefox for Android versions prior to 144. No public exploit identified at time of analysis, but exploitation is trivial requiring only device access and standard OS features. CVSS 9.1 reflects the unauthenticated network attack vector, though real-world exploitation typically requires local device access, making the practical risk moderate for most threat models.

Mozilla Google Information Disclosure Suse
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-59249 HIGH This Week

Privilege escalation in Microsoft Exchange Server (including 2016 cumulative updates and Subscription Edition) allows an authenticated network attacker to elevate privileges due to weak authentication mechanisms (CWE-1390). With a CVSS score of 8.8 and full confidentiality, integrity, and availability impact, this represents a significant risk to mail infrastructure, though no public exploit identified at time of analysis.

Microsoft Information Disclosure Exchange Server Exchange Server Subscription Edition
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2025-11715 HIGH PATCH This Week

Memory corruption in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird ESR 140.3 enables remote arbitrary code execution when users interact with malicious content. Exploitation requires user interaction (opening crafted web content or email), but no authentication is needed. Mozilla issued patches in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird ESR 140.4. With CVSS 8.8 and EPSS data unavailable, the vulnerability represents critical risk to unpatched installations. No public exploit identified at time of analysis, though Mozilla's acknowledgment of memory corruption evidence suggests exploitation is technically feasible.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-11714 HIGH PATCH This Week

Memory corruption vulnerabilities in Mozilla Firefox and Thunderbird allow remote code execution when users interact with malicious web content. Affects Firefox ESR 115.28 and below, Firefox ESR 140.3 and below, Firefox 143 and below, Thunderbird 143 and below, and Thunderbird ESR 140.3 and below. Mozilla confirmed memory safety bugs with evidence of memory corruption presumed exploitable for arbitrary code execution. Vendor-released patches available: Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4. CVSS 8.8 severity driven by network attack vector with low complexity requiring only user interaction, no authentication required. No public exploit identified at time of analysis, though multiple internal bug reports suggest coordinated fix effort.

Mozilla RCE Buffer Overflow Thunderbird Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-10228 HIGH This Week

Session hijacking against Rolantis Information Technologies Agentis prior to version 4.44 is possible because the application fails to regenerate session identifiers across authentication state changes, letting a remote attacker who can lure a victim into using an attacker-supplied session token take over the authenticated session. CVSS 8.8 reflects full confidentiality, integrity, and availability impact once hijacked, but no public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Information Disclosure Session Fixation
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-49552 HIGH This Week

DOM-based Cross-Site Scripting in Adobe Connect 12.9 and earlier enables session hijacking when high-privileged administrators interact with attacker-crafted pages. Scope change to 'C' indicates the attacker can pivot beyond the vulnerable component's security boundary, allowing privileged session takeover that impacts both confidentiality and integrity at high levels. No active exploitation confirmed per CISA KEV at time of analysis. Adobe has released security advisory APSB25-70 addressing this vulnerability.

XSS Adobe
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-11720 HIGH PATCH This Week

User interface spoofing in Firefox and Firefox Focus for Android's custom tab implementation allows remote attackers to misrepresent subdomain origins, enabling phishing attacks through crafted URLs. The custom tab feature truncates displayed hostnames to show only the parent domain, allowing malicious content on attacker-controlled subdomains (e.g., evil.example.com) to appear as legitimate sibling subdomains (e.g., legitimate.example.com). With CVSS 8.1 (High Confidentiality/Integrity impact) and no authentication required, this represents significant phishing risk for Android Firefox users. Patched in Firefox 144; no public exploit identified at time of analysis, though the UI flaw is straightforward to exploit.

Mozilla Google Information Disclosure Suse
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-11713 HIGH PATCH This Week

Command injection via Firefox/Thunderbird 'Copy as cURL' feature on Windows allows remote attackers to execute arbitrary commands when users copy network requests as cURL commands and paste them into terminals. Affects Firefox <144, Firefox ESR <140.4, Thunderbird <144, and Thunderbird <140.4 exclusively on Windows platforms. No public exploit identified at time of analysis, but attack vector requires only user interaction (CVSS PR:N/UI:R) with no privileges needed.

Mozilla Information Disclosure Microsoft Thunderbird Red Hat +1
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-59234 HIGH This Week

Local code execution in Microsoft Office (including 365 Apps Enterprise, Office 2016/2019, and Office LTSC 2021 across Windows, macOS, and Android) is possible when a victim opens a maliciously crafted document that triggers a use-after-free condition. An unauthorized attacker who convinces a user to open the file can execute arbitrary code in the context of the current user, with no public exploit identified at time of analysis. CVSS is 7.8 reflecting local attack vector with required user interaction but full confidentiality, integrity, and availability impact.

Memory Corruption Microsoft Denial Of Service Use After Free 365 Apps +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-59227 HIGH This Week

Local code execution in Microsoft Office (including Microsoft 365 Apps Enterprise, Office 2016/2019, and Office LTSC 2021 across Windows x86/x64, macOS, and Android) arises from a use-after-free memory corruption (CWE-416) that an attacker can trigger by convincing a user to open a crafted document. Exploitation runs in the context of the current user with high impact on confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.

Memory Corruption Microsoft Denial Of Service Use After Free 365 Apps +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-53782 HIGH This Week

Local privilege escalation in Microsoft Exchange Server 2016 (and Subscription Edition) stems from an incorrect implementation of an authentication algorithm (CWE-303), allowing a low-privileged local user to gain high-impact control over confidentiality, integrity, and availability of the mail platform. The flaw was reported by Microsoft (MSRC) and carries a CVSS 3.1 base of 7.8 (AV:L/AC:L/PR:L/UI:N). At time of analysis, no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but exploitation by an authenticated insider on an Exchange host would yield full server compromise.

Microsoft Authentication Bypass Exchange Server Exchange Server Subscription Edition
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-59248 HIGH This Week

Spoofing in Microsoft Exchange Server (including 2016 cumulative updates and Subscription Edition) allows remote unauthenticated attackers to impersonate trusted entities over the network due to improper input validation. The flaw carries a CVSS 7.5 with integrity-only impact, and no public exploit identified at time of analysis. Defenders should treat it as a credible spoofing/authentication-bypass primitive that may be chained with downstream phishing or follow-on Exchange attacks.

Microsoft Authentication Bypass Exchange Server Exchange Server Subscription Edition
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2025-57740 HIGH This Week

Authenticated remote code execution in Fortinet FortiOS, FortiProxy, and FortiPAM enables low-privileged users to trigger a heap-based buffer overflow through crafted RDP bookmark connection requests. The flaw affects multiple major release trains across all three product families, including FortiOS 7.6.2 and earlier, 7.4.7 and earlier, 7.2.10 and earlier, and all 6.4/7.0 versions. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV.

Fortinet Heap Overflow Buffer Overflow Fortiproxy Fortipam +1
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-25253 HIGH This Week

Man-in-the-middle interception is possible against the ZTNA proxy in FortiProxy 7.6.1 and earlier, 7.4.8 and earlier, and all 7.2/7.0 versions, as well as FortiOS 7.6.2 and earlier, 7.4.8 and earlier, and all 7.2/7.0 versions, due to improper certificate-host validation (CWE-297). An adjacent network attacker in a privileged path-position can intercept and tamper with ZTNA proxy connections, undermining a control specifically deployed to enforce zero-trust authentication. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV.

Fortinet Information Disclosure Fortiproxy Fortios
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-60535 HIGH This Week

Cross-Site Request Forgery in Wallos v4.1.1 lets remote attackers trick an authenticated user's browser into submitting a crafted GET request to the /endpoints/currency/currency component, performing unwanted currency operations without the victim's consent. The flaw stems from missing anti-CSRF token validation on state-changing requests. There is no public exploit identified at time of analysis, and the EPSS score is low (0.17%, 6th percentile), indicating little observed exploitation interest.

CSRF
NVD GitHub
CVSS 3.1
7.3
EPSS
0.2%
CVE-2025-11718 MEDIUM PATCH This Month

Firefox on Android allows remote attackers to display a fake address bar by exploiting the visibilitychange event when the legitimate address bar is hidden due to scrolling, enabling phishing attacks and user deception. The vulnerability affects Firefox versions prior to 144 and requires user interaction (clicking on the fake address bar). Mozilla released patched version Firefox 144 to address this issue, and there is no evidence of active exploitation at the time of analysis.

Mozilla Google Information Disclosure Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-11716 MEDIUM PATCH This Month

Sandboxed iframes in Firefox and Thunderbird can bypass Android permission restrictions to launch external applications without the required allow-permissions, enabling attackers to trigger unintended app launches through malicious links. Unauthenticated remote attackers can exploit this via user interaction (link click) to achieve integrity impact. Firefox 144 and Thunderbird 144 contain fixes; no public exploit code or active exploitation has been identified.

Mozilla Google Authentication Bypass Thunderbird Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-11711 MEDIUM PATCH This Month

Modify read-only JavaScript Object properties in Firefox and Thunderbird via crafted web content, allowing attackers to bypass property immutability protections and alter application state. Affects Firefox versions below 144, Firefox ESR below 115.29 and 140.4, Thunderbird below 144 and 140.4. Requires user interaction (malicious website visit) but no authentication. CVSS 6.5 reflects high integrity impact with user-interaction requirement; no evidence of active exploitation or public exploit code at time of analysis.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-31366 MEDIUM This Month

Reflected cross-site scripting (XSS) in FortiOS, FortiProxy, and FortiSASE allows unauthenticated remote attackers to inject and execute malicious scripts in a victim's browser by tricking them into clicking a crafted HTTP request link. The vulnerability spans a wide range of FortiOS versions from 6.4 through 7.6.3 and all FortiProxy 7.x branches, meaning a large installed base of Fortinet network security appliances is affected. A Siemens CERT advisory (SSA-864900) indicates this vulnerability also affects Siemens products that embed Fortinet components, broadening organizational impact. No public exploit or CISA KEV listing has been identified at time of analysis.

Fortinet XSS Fortios Fortiproxy Fortisase
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-47890 MEDIUM This Month

Open redirect vulnerability in Fortinet FortiOS, FortiProxy, and FortiSASE enables unauthenticated attackers on an adjacent network segment to redirect authenticated users to attacker-controlled sites via crafted HTTP requests. The attack surface is substantially constrained by the adjacent-network-only vector (AV:A), high attack complexity (AC:H), and mandatory user interaction (UI:R), yielding a CVSS 2.6 Low severity score. No public exploit identified at time of analysis, and EPSS at 0.01% (1st percentile) confirms negligible observed exploitation pressure. A Siemens PSIRT advisory (SSA-864900) indicates this vulnerability also affects Siemens products embedding Fortinet components.

Fortinet Open Redirect Fortios Fortiproxy Fortisase
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-11712 MEDIUM PATCH This Month

Firefox and Thunderbird allow cross-site scripting (XSS) attacks when a malicious page uses the type attribute of an OBJECT tag to override default browser behavior for resources served without a content-type header. An attacker can craft a malicious webpage that exploits this flaw to execute arbitrary JavaScript in the context of a vulnerable site that unsafely omits content-type headers, affecting Firefox versions before 144, Firefox ESR before 140.4, Thunderbird before 144, and Thunderbird ESR before 140.4. No public exploit code or active exploitation has been identified at time of analysis.

Mozilla XSS Thunderbird Red Hat Suse
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-54265 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.9-alpha2 through 2.4.4-p15 are vulnerable to an incorrect authorization flaw that allows remote, unauthenticated attackers to bypass security controls and gain unauthorized read access to sensitive data. The vulnerability requires specific conditions beyond the attacker's control and does not require user interaction, but carries a moderate CVSS score of 5.9 reflecting high confidentiality impact and high attack complexity.

Authentication Bypass Adobe
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-33044 MEDIUM This Month

APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local means. Successful exploitation of this vulnerability may lead to memory corruption and impact Integrity and Availability.

Buffer Overflow Aptio V
NVD
CVSS 4.0
5.9
EPSS
0.1%
CVE-2025-22832 MEDIUM This Month

APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.

Buffer Overflow Memory Corruption Aptio V
NVD
CVSS 4.0
5.9
EPSS
0.0%
CVE-2025-22831 MEDIUM This Month

APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.

Buffer Overflow Memory Corruption Aptio V
NVD
CVSS 4.0
5.9
EPSS
0.0%
CVE-2025-54196 MEDIUM This Month

Open redirect vulnerability in Adobe Connect 12.9 and earlier allows remote attackers to redirect users to arbitrary websites by crafting malicious links, requiring victim interaction to click the link. The vulnerability has low confidentiality impact with CVSS 4.3 and no confirmed active exploitation or public exploit code at time of analysis.

Open Redirect Adobe Connect
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-11731 LOW Monitor

A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes. While difficult to exploit, the flaw could lead to application instability or denial of service.

Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-58903 LOW Monitor

Authenticated denial-of-service in Fortinet FortiOS allows a high-privileged user to crash the HTTP daemon via a specially crafted API request. The root cause is an unchecked return value (CWE-252) that triggers a null pointer dereference in the HTTP daemon, resulting in a temporary service disruption. EPSS exploitation probability is 0.06% (20th percentile), no KEV listing, and no public exploit identified at time of analysis, placing this as low operational priority despite network-reachable attack vector.

Fortinet Denial Of Service Fortios
NVD
CVSS 3.1
2.7
EPSS
0.1%
CVE-2025-31514 LOW Monitor

Sensitive 2FA-related information is written to FortiOS log files and exposed via diagnose commands, allowing a highly privileged attacker with at least read-only administrative access to recover two-factor authentication data. Affected versions span FortiOS 6.4 through 7.6.3 and FortiProxy across all versions per CPE data, representing a wide installed base. No public exploit code exists and no active exploitation has been confirmed; EPSS of 0.04% at the 13th percentile reflects minimal real-world exploitation pressure at this time.

Fortinet Information Disclosure
NVD VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-59214 MEDIUM This Month

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +14
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy