Skip to main content
CVE-2025-66261 CRITICAL POC Act Now

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection RCE Mozart Next 100 Firmware Mozart Next 1000 Firmware +20
NVD
CVSS 4.0
9.9
EPSS
0.7%
CVE-2025-66256 CRITICAL POC Act Now

Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Mozart Next 100 Firmware Mozart Next 1000 Firmware Mozart Next 2000 Firmware +19
NVD
CVSS 4.0
9.9
EPSS
0.1%
CVE-2025-66255 CRITICAL POC Act Now

Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP RCE Mozart Next 3000 Firmware Mozart Next 3500 Firmware +20
NVD
CVSS 4.0
9.9
EPSS
0.3%
CVE-2025-66253 CRITICAL POC Act Now

Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection RCE Mozart Next 100 Firmware Mozart Next 1000 Firmware +20
NVD
CVSS 4.0
9.9
EPSS
0.7%
CVE-2025-50433 CRITICAL POC Act Now

An issue was discovered in imonnit.com (2025-04-24) allowing malicious actors to gain escalated privileges via crafted password reset to take over arbitrary user accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Imonnit
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-26155 CRITICAL POC Act Now

NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Ncp Secure Entry Client Secure Enterprise Client Windows
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-55469 CRITICAL POC Act Now

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and access the Administrator backend. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Youlai Boot
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-65236 CRITICAL POC Act Now

OpenCode Systems USSD Gateway OC Release: 5 was discovered to contain a SQL injection vulnerability via the Session ID parameter in the /occontrolpanel/index.php endpoint. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ussd Gateway
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-65235 CRITICAL POC Act Now

OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL injection vulnerability via the ID parameter in the getSubUsersByProvider function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ussd Gateway
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-50402 CRITICAL POC Act Now

FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter string fac_password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Fac1200R Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-50399 CRITICAL POC Act Now

FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Fac1200R Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-66022 CRITICAL POC PATCH Act Now

FACTION is a PenTesting Report Generation and Collaboration Framework. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Authentication Bypass Faction
NVD GitHub
CVSS 3.1
9.6
EPSS
0.9%
CVE-2025-66262 CRITICAL POC Act Now

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Path Traversal PHP Mozart Next 100 Firmware Mozart Next 1000 Firmware +20
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-66259 CRITICAL POC Act Now

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE Mozart Next 100 Firmware Mozart Next 1000 Firmware Mozart Next 2000 Firmware +19
NVD
CVSS 4.0
9.3
EPSS
0.6%
CVE-2025-66257 CRITICAL POC Act Now

Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Mozart Next 100 Firmware Mozart Next 1000 Firmware Mozart Next 2000 Firmware +19
NVD
CVSS 4.0
9.2
EPSS
0.2%
CVE-2025-66250 CRITICAL POC Act Now

Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Mozart Next 100 Firmware Mozart Next 1000 Firmware Mozart Next 2000 Firmware +19
NVD
CVSS 4.0
9.2
EPSS
0.1%
CVE-2025-65669 CRITICAL POC Act Now

An issue was discovered in classroomio 0.1.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Classroomio
NVD GitHub
CVSS 3.1
9.1
EPSS
0.4%
CVE-2025-66263 HIGH POC This Week

Unauthenticated Arbitrary File Read via Null Byte Injection in DB Electronica Telecomunicazioni S.p.A. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Mozart Next 3000 Firmware Mozart Next 3500 Firmware Mozart Next 50 Firmware +19
NVD
CVSS 4.0
8.9
EPSS
0.1%
CVE-2025-65966 HIGH POC PATCH This Week

OneUptime is a solution for monitoring and managing online services. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Oneuptime
NVD GitHub
CVSS 4.0
8.8
EPSS
0.1%
CVE-2025-56396 HIGH POC This Week

An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the owning department having higher rights than the active user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ruoyi
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2020-36871 HIGH POC This Week

ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass
NVD Exploit-DB
CVSS 4.0
8.7
EPSS
0.5%
CVE-2020-36872 HIGH POC This Week

BACnet Test Server versions up to and including 1.01 contains a remote denial of service vulnerability in its BACnet/IP BVLC packet handling. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service
NVD Exploit-DB
CVSS 4.0
8.7
EPSS
0.3%
CVE-2025-66021 HIGH POC PATCH This Week

OWASP Java HTML Sanitizer is a configureable HTML Sanitizer written in Java, allowing inclusion of HTML authored by third-parties in web applications while protecting against XSS. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Java Java Html Sanitizer Red Hat
NVD GitHub
CVSS 4.0
8.6
EPSS
0.0%
CVE-2025-66252 HIGH POC This Week

Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Mozart Next 100 Firmware Mozart Next 1000 Firmware Mozart Next 2000 Firmware +19
NVD
CVSS 4.0
8.4
EPSS
0.2%
CVE-2025-65202 HIGH POC This Week

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "next_file," which allows. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 657Brm Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.3%
CVE-2025-66254 HIGH POC This Week

Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Mozart Next 100 Firmware Mozart Next 1000 Firmware Mozart Next 2000 Firmware +19
NVD
CVSS 4.0
7.8
EPSS
0.2%
CVE-2025-13601 HIGH POC PATCH CISA This Week

Heap-based buffer overflow in GLib's g_escape_uri_string() function allows local attackers to achieve high-integrity and high-availability impacts through integer overflow in escaped string length calculation. The vulnerability affects Red Hat Enterprise Linux 9.0 and 10.0 across multiple architectures (x86_64, ARM64, IBM Z, PowerPC). Vendor patches are available via multiple RHSA advisories. Publicly available exploit code exists, but EPSS score remains extremely low (0.01%, 1st percentile), suggesting minimal real-world exploitation activity despite the availability of technical details.

Buffer Overflow Integer Overflow Codeready Linux Builder Codeready Linux Builder For Ibm Z Systems Codeready Linux Builder For Power Little Endian +26
NVD VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-66251 HIGH POC This Week

Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S.p.A. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mozart Next 100 Firmware Mozart Next 1000 Firmware Mozart Next 2000 Firmware Mozart Next 30 Firmware +18
NVD
CVSS 4.0
7.7
EPSS
0.7%
CVE-2025-65672 HIGH POC This Week

Insecure Direct Object Reference (IDOR) in classroomio 0.1.13 allows unauthorized share and invite access to course settings. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Classroomio
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-65278 HIGH POC This Week

An issue was discovered in file users.json in GroceryMart commit 21934e6 (2020-10-23) allowing unauthenticated attackers to gain sensitive information including plaintext usernames and passwords. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Grocerymart
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-55471 HIGH POC This Week

Incorrect access control in the getUserFormData function of youlai-boot v2.21.1 allows attackers to access sensitive information for other users. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Youlai Boot
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-66260 HIGH POC This Week

PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP PostgreSQL Mozart Next 100 Firmware Mozart Next 1000 Firmware +20
NVD
CVSS 4.0
7.2
EPSS
0.0%
CVE-2025-11461 HIGH POC PATCH This Week

Multiple SQL Injections in Frappe CRM Dashboard Controller due to unsafe concatenation of user-controlled parameters into dynamic SQL statements.53.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Frappe Crm
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-66258 HIGH POC This Week

Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mozart Next 6000 Firmware Mozart Next 500 Firmware Mozart Next 50 Firmware Mozart Next 3500 Firmware +18
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-66028 MEDIUM POC PATCH This Month

OneUptime is a solution for monitoring and managing online services. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Privilege Escalation Oneuptime
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-65238 MEDIUM POC This Month

Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows attackers with low-level privileges to dump user records and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ussd Gateway
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-63938 MEDIUM POC PATCH This Month

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Tinyproxy Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-65956 MEDIUM POC PATCH This Month

Formwork is a flat file-based Content Management System (CMS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Formwork
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-65237 MEDIUM POC This Month

A reflected cross-site scripted (XSS) vulnerability in OpenCode Systems USSD Gateway OC Release: 5 allows attackers to execute arbitrary JavaScript in the context of a user's browser via injecting a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ussd Gateway
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-66026 MEDIUM POC PATCH This Month

REDAXO is a PHP-based CMS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Redaxo
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-64128 CRITICAL Act Now

An OS command injection vulnerability exists due to incomplete validation of user-supplied input. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.9% and no vendor patch available.

Command Injection
NVD GitHub
CVSS 4.0
10.0
EPSS
10.9%
CVE-2025-64127 CRITICAL Act Now

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.9% and no vendor patch available.

Command Injection
NVD GitHub
CVSS 4.0
10.0
EPSS
10.9%
CVE-2025-64126 CRITICAL Act Now

An OS command injection vulnerability exists due to improper input validation. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.9% and no vendor patch available.

Command Injection
NVD GitHub
CVSS 4.0
10.0
EPSS
10.9%
CVE-2025-65276 CRITICAL Act Now

An unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Authentication Bypass Privilege Escalation Hashtech
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-62354 CRITICAL Act Now

Improper neutralization of special elements used in an OS command ('command injection') in Cursor allows an unauthorized attacker to execute commands that are outside of those specified in the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-59390 CRITICAL PATCH Act Now

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration is not explicitly set. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Authentication Bypass Druid
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-64657 CRITICAL Act Now

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Microsoft Azure Application Gateway
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-65676 MEDIUM POC This Month

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG cover images. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Classroomio
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-65675 MEDIUM POC This Month

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Classroomio
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-62593 CRITICAL PATCH Act Now

Ray is an AI compute engine. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Code Injection Mozilla Firefox +2
NVD GitHub
CVSS 4.0
9.4
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy