147 CVEs tracked today. 14 Critical, 63 High, 66 Medium, 2 Low.
-
CVE-2025-66301
CRITICAL
CVSS 9.6
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, due to improper authorization checks when modifying critical fields on a POST request to /admin/pages/{page_name}, an editor with only permissions to change basic content on the form is now able to change the functioning of the form through modifying the content of the data[_json][header][form] which is the YAML frontmatter which includes the process section which dictates what happens after a user submits the form which include some important actions that could lead to further vulnerabilities. This vulnerability is fixed in 1.8.0-beta.27.
Authentication Bypass
Grav
-
CVE-2025-66410
CRITICAL
CVSS 9.1
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Path Traversal
Gin Vue Admin
Suse
-
CVE-2025-66405
CRITICAL
CVSS 9.8
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
SSRF
Gateway
-
CVE-2025-66401
CRITICAL
CVSS 9.8
MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL.
Command Injection
Mcp Watch
-
CVE-2025-66294
HIGH
CVSS 8.8
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by unauthenticated attackers. This vulnerability stems from weak regex validation in the cleanDangerousTwig method. This vulnerability is fixed in 1.8.0-beta.27.
RCE
Code Injection
Grav
-
CVE-2025-65836
CRITICAL
CVSS 9.1
PublicCMS V5.202506.b is vulnerable to SSRF in the chat interface of SimpleAiAdminController.
SSRF
Publiccms
-
CVE-2025-63535
CRITICAL
CVSS 9.6
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.
PHP
Authentication Bypass
SQLi
Blood Bank Management System
-
CVE-2025-63532
CRITICAL
CVSS 9.6
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.
PHP
Authentication Bypass
SQLi
Blood Bank Management System
-
CVE-2025-63531
CRITICAL
CVSS 10.0
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the remail and rpassword fields, an attacker can bypass authentication and gain unauthorized access to the system.
PHP
Authentication Bypass
SQLi
Blood Bank Management System
-
CVE-2025-63525
CRITICAL
CVSS 9.6
An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with escalated privileges via crafted request to delete.php.
PHP
Authentication Bypass
Blood Bank Management System
-
CVE-2025-51683
CRITICAL
CVSS 9.8
A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/update_profile_Server endpoint.
SQLi
Mjobtime
-
CVE-2025-51682
CRITICAL
CVSS 9.8
CVE-2025-51682 is a security vulnerability (CVSS 9.8) that allows an attacker. Risk factors: public PoC available.
Information Disclosure
Mjobtime
-
CVE-2025-12106
CRITICAL
CVSS 9.1
Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses.
Buffer Overflow
Ubuntu
Debian
Openvpn
Suse
-
CVE-2025-8351
CRITICAL
CVSS 9.0
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.
Heap Overflow
Buffer Overflow
Apple
macOS
-
CVE-2025-3500
CRITICAL
CVSS 9.0
Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation. This issue affects Antivirus: from 25.1.981.6 before 25.3.
Privilege Escalation
Integer Overflow
Microsoft
Antivirus
Windows
-
CVE-2025-66448
HIGH
CVSS 7.1
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
RCE
Python
Code Injection
Debian
Vllm
-
CVE-2025-66313
HIGH
CVSS 7.2
ChurchCRM is an open-source church management system. In ChurchCRM 6.2.0 and earlier, there is a time-based blind SQL injection in the handling of the 1FieldSec parameter. Injecting SLEEP() causes deterministic server-side delays, proving the value is incorporated into a SQL query without proper parameterization. The issue allows data exfiltration and modification via blind techniques.
SQLi
Churchcrm
-
CVE-2025-66300
HIGH
CVSS 8.5
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a low-privilege user account with page editing privilege can read any server files using the "Frontmatter" form. This includes Grav user account files (/grav/user/accounts/*.yaml), which store the hashed user password, 2FA secret, and the password reset token. This can allow an adversary to compromise any registered account by resetting a password for a user to get access to the password reset token from the file or by cracking the hashed password. This vulnerability is fixed in 1.8.0-beta.27.
Path Traversal
Grav
-
CVE-2025-66299
HIGH
CVSS 8.8
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassing the existing security sandbox. Since the security sandbox does not fully protect the Twig object, it is possible to interact with it (e.g., call methods, read/write attributes) through maliciously crafted Twig template directives injected into a web page. This allows an authenticated editor to add arbitrary functions to the Twig attribute system.twig.safe_filters, effectively bypassing the Grav CMS sandbox. This vulnerability is fixed in 1.8.0-beta.27.
RCE
Code Injection
Grav
-
CVE-2025-66298
HIGH
CVSS 7.5
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, having a simple form on site can reveal the whole Grav configuration details (including plugin configuration details) by using the correct POST payload to exploit a Server-Side Template (SST) vulnerability. Sensitive information may be contained in the configuration details. This vulnerability is fixed in 1.8.0-beta.27.
Information Disclosure
Grav
-
CVE-2025-66297
HIGH
CVSS 8.8
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a user with admin panel access and permissions to create or edit pages in Grav CMS can enable Twig processing in the page frontmatter. By injecting malicious Twig expressions, the user can escalate their privileges to admin or execute arbitrary system commands via the scheduler API. This results in both Privilege Escalation (PE) and Remote Code Execution (RCE) vulnerabilities. This vulnerability is fixed in 1.8.0-beta.27.
Privilege Escalation
RCE
Grav
-
CVE-2025-66296
HIGH
CVSS 8.8
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users. A user with the create user permission can create a new account using the same username as an existing administrator account, set a new password/email, and then log in as that administrator. This effectively allows privilege escalation from limited user-manager permissions to full administrator access. This vulnerability is fixed in 1.8.0-beta.27.
Privilege Escalation
Grav
-
CVE-2025-66295
HIGH
CVSS 8.8
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, when a user with privilege of user creation creates a new user through the Admin UI and supplies a username containing path traversal sequences (for example ..\Nijat or ../Nijat), Grav writes the account YAML file to an unintended path outside user/accounts/. The written YAML can contain account fields such as email, fullname, twofa_secret, and hashed_password. This vulnerability is fixed in 1.8.0-beta.27.
Path Traversal
Grav
-
CVE-2025-66205
HIGH
CVSS 7.1
Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, a certain endpoint was vulnerable to error-based SQL injection due to lack of validation of parameters. Some information like version could be retrieved. This vulnerability is fixed in 15.86.0 and 14.99.2.
SQLi
Frappe
-
CVE-2025-65840
HIGH
CVSS 8.8
PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the CkEditorAdminController.
CSRF
Publiccms
-
CVE-2025-65838
HIGH
CVSS 7.5
PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method.
Path Traversal
Publiccms
-
CVE-2025-64775
HIGH
CVSS 7.5
Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion.
This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3.
Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.
Denial Of Service
Apache
Ubuntu
Debian
Struts
-
CVE-2025-64772
HIGH
CVSS 7.8
A security vulnerability in the installer of INZONE Hub 1.0.10.3 to 1.0.17.0 (CVSS 7.8). High severity vulnerability requiring prompt remediation.
RCE
-
CVE-2025-63534
HIGH
CVSS 8.5
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and error parameters, which are then executed in the victim's browser when the page is viewed.
PHP
XSS
Blood Bank Management System
-
CVE-2025-63533
HIGH
CVSS 8.5
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the rname, remail, rpassword, rphone, rcity parameters, which are then executed in the victim's browser when the page is viewed.
PHP
XSS
Blood Bank Management System
-
CVE-2025-63528
HIGH
CVSS 8.5
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the blooddinfo.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the error parameter, which is then executed in the victim's browser when the page is viewed.
PHP
XSS
Blood Bank Management System
-
CVE-2025-63527
HIGH
CVSS 8.5
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the hname, hemail, hpassword, hphone, hcity parameters, which are then executed in the victim's browser when the page is viewed.
PHP
XSS
Blood Bank Management System
-
CVE-2025-63526
HIGH
CVSS 8.5
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter, which is then executed in the victim's browser when the page is viewed.
PHP
XSS
Blood Bank Management System
-
CVE-2025-63365
HIGH
CVSS 7.1
SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the EPUB file processing component, specifically in the functionality responsible for extracting and handling EPUB archive contents.
Path Traversal
Epub File Reader
-
CVE-2025-61619
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-61618
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-61617
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-61610
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-61609
HIGH
CVSS 7.5
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-61608
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-61607
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-61229
HIGH
CVSS 7.8
An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allows a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls.
Privilege Escalation
Apple
macOS
-
CVE-2025-61228
HIGH
CVSS 7.8
An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism.
RCE
-
CVE-2025-59789
HIGH
CVSS 7.5
Uncontrolled recursion in the json2pb component in Apache bRPC (version < 1.15.0) on all platforms allows remote attackers to make the server crash via sending deeply recursive JSON data.
Root Cause:
The bRPC json2pb component uses rapidjson to parse JSON data from the network. The rapidjson parser uses a recursive parsing method by default. If the input JSON has a deeply recursive structure, the parser function may run into a stack overflow.
Affected Scenarios:
Using a bRPC server with protobuf messages to serve http+json requests from an untrusted network, or directly using JsonToProtoMessage to convert JSON from untrusted input.
How to Fix:
(Choose one of the following options)
1. Upgrade bRPC to version 1.15.0, which fixes this issue.
2. Apply this patch: https://github.com/apache/brpc/pull/3099
Note:
No matter which option you choose, you should know that the fix introduces a recursion depth limit with a default value of 100. It affects these functions: ProtoMessageToJson, ProtoMessageToProtoJson, JsonToProtoMessage, and ProtoJsonToProtoMessage.
If your requests contain JSON or protobuf messages with a depth exceeding the limit, the request will fail after applying the fix. You can modify the gflag json2pb_max_recursion_depth to change the limit.
Denial Of Service
Apache
Debian
Brpc
-
CVE-2025-57489
HIGH
CVSS 8.1
Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary.
Authentication Bypass
-
CVE-2025-55749
HIGH
CVSS 7.5
XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package (XJetty), a context is exposed that allows static access to any file located in the webapp/ folder. This allows accessing files which might contain credentials. Fixed in 16.10.11, 17.4.4, and 17.7.0.
Authentication Bypass
Xwiki
-
CVE-2025-55222
HIGH
CVSS 8.6
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability. This vulnerability is specific to the malicious message sent via Modbus RTU over TCP on port 503.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2025-55221
HIGH
CVSS 8.6
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability. This vulnerability is specific to the malicious message sent via Modbus TCP over port 502.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2025-54851
HIGH
CVSS 7.5
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability. An attacker can trigger this denial-of-service condition by sending a single Modbus TCP message to port 503 using the Write Single Register function code (6) to write the value 1 to register 4352. This action changes the Modbus address to 15. After this message is sent, the device will be in a denial-of-service state.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2025-54850
HIGH
CVSS 7.5
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability. An attacker can trigger this denial-of-service condition by sending a sequence of Modbus RTU over TCP messages to port 503 using the Write Single Register function code (6). The attack sequence begins with a message to register 58112 with a value of 1000, indicating that a configuration change will follow. Next, a message is sent to register 29440 with a value corresponding to the new Modbus address to be configured. Finally, a message to register 57856 with a value of 161 commits the configuration change. After this configuration change, the device will be in a denial-of-service state.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2025-54849
HIGH
CVSS 7.5
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability. An attacker can trigger this denial-of-service condition by sending a single Modbus TCP message to port 502 using the Write Single Register function code (6) to write the value 1 to register 4352. This action changes the Modbus address to 15. After this message is sent, the device will be in a denial-of-service state.
Authentication Bypass
Denial Of Service
Diris Digiware M 70 Firmware
-
CVE-2025-54848
HIGH
CVSS 7.5
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability. An attacker can trigger this denial-of-service condition by sending a sequence of Modbus TCP messages to port 502 using the Write Single Register function code (6). The attack sequence begins with a message to register 58112 with a value of 1000, indicating that a configuration change will follow. Next, a message is sent to register 29440 with a value corresponding to the new Modbus address to be configured. Finally, a message to register 57856 with a value of 161 commits the configuration change. After this configuration change, the device will be in a denial-of-service state.
Authentication Bypass
Denial Of Service
Diris Digiware M 70 Firmware
-
CVE-2025-41738
HIGH
CVSS 7.5
An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.
Information Disclosure
Memory Corruption
Control For Pfc100 Sl
Runtime Toolkit
Control For Wago Touch Panels 600 Sl
-
CVE-2025-41700
HIGH
CVSS 7.8
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.
RCE
Deserialization
Codesys
-
CVE-2025-34297
HIGH
CVSS 8.6
KissFFT versions prior to the fix commit 1b083165 contain an integer overflow in kiss_fft_alloc() in kiss_fft.c on platforms where size_t is 32-bit. The nfft parameter is not validated before being used in a size calculation (sizeof(kiss_fft_cpx) * (nfft - 1)), which can wrap to a small value when nfft is large. As a result, malloc() allocates an undersized buffer and the subsequent twiddle-factor initialization loop writes nfft elements, causing a heap buffer overflow. This vulnerability only affects 32-bit architectures.
Integer Overflow
Buffer Overflow
Suse
-
CVE-2025-26858
HIGH
CVSS 8.6
A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.
Denial Of Service
Buffer Overflow
Diris M 70 Firmware
-
CVE-2025-23417
HIGH
CVSS 8.6
A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2025-20085
HIGH
CVSS 7.2
A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2025-13836
HIGH
CVSS 7.5
When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.
Denial Of Service
Ubuntu
Debian
Python
Redhat
-
CVE-2025-13829
HIGH
CVSS 8.6
An Incorrect Authorization vulnerability in Data Illusion Zumbrunn NGSurvey (CVSS 8.6) that allows any logged-in user. High severity vulnerability requiring prompt remediation.
Authentication Bypass
-
CVE-2025-13814
HIGH
CVSS 7.3
A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
SSRF
Mogublog
-
CVE-2025-13808
HIGH
CVSS 7.3
A security vulnerability in orionsec orion-ops (CVSS 7.3). Risk factors: public PoC available.
Information Disclosure
Java
Orion Ops
-
CVE-2025-13806
HIGH
CVSS 7.3
A security vulnerability in nutzam NutzBoot (CVSS 7.3). Risk factors: public PoC available.
Information Disclosure
Java
Nutzboot
-
CVE-2025-13803
HIGH
CVSS 7.3
A vulnerability (CVSS 7.3). High severity vulnerability requiring prompt remediation.
Information Disclosure
-
CVE-2025-11699
HIGH
CVSS 7.1
nopCommerce v4.70 and prior, and version 4.80.3, does not invalidate session cookies after logout or session termination, allowing an attacker who has a valid session cookie access to privileged endpoints (such as /admin) even after the legitimate user has logged out, enabling session hijacking. Any version above 4.70 that is not 4.80.3 fixes the vulnerability.
Information Disclosure
Nopcommerce
-
CVE-2025-11133
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-11132
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-11131
HIGH
CVSS 7.5
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2025-10101
HIGH
CVSS 8.1
Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection.
This issue affects Antivirus: from 15.7 before 3.9.2025.
Heap Overflow
Denial Of Service
Buffer Overflow
Apple
macOS
-
CVE-2025-7007
HIGH
CVSS 7.5
NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS and Avast Antivirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash. This issue affects Antivirus: 16.0.0; Antivirus: 3.0.3.
Microsoft
Denial Of Service
Null Pointer Dereference
Apple
Windows
-
CVE-2025-3012
HIGH
CVSS 7.5
In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed.
Denial Of Service
Android
Google
-
CVE-2024-56089
HIGH
CVSS 7.5
An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack.
Code Injection
Dnsserver
-
CVE-2024-53684
HIGH
CVSS 7.5
A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability.
CSRF
Authentication Bypass
Diris M 70 Firmware
-
CVE-2024-49572
HIGH
CVSS 7.2
A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2024-48882
HIGH
CVSS 8.6
A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.
Authentication Bypass
Denial Of Service
Diris M 70 Firmware
-
CVE-2024-45370
HIGH
CVSS 7.3
An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability.
Authentication Bypass
-
CVE-2024-39148
HIGH
CVSS 8.1
The service wmp-agent of KerOS prior to 5.12 does not properly validate so-called ‘magic URLs’, allowing an unauthenticated remote attacker to execute arbitrary OS commands as root when the service is reachable over the network. Typically, the service is protected via a local firewall.
RCE
Code Injection
Keros
-
CVE-2025-66415
MEDIUM
CVSS 5.4
A security vulnerability in forwarding the current HTTP request to another server (CVSS 5.4). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Reply From
Redhat
-
CVE-2025-66412
MEDIUM
CVSS 5.4
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, a Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
XSS
Ubuntu
Debian
Angular
Redhat
-
CVE-2025-66403
MEDIUM
CVSS 4.6
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 2.2.3, a stored cross-site scripting (XSS) vulnerability exists in the Filerise application due to improper handling of uploaded SVG files. The application accepts user-supplied SVG uploads without sanitizing or restricting embedded script content. When a malicious SVG containing inline JavaScript or event-based payloads is uploaded, it is later rendered directly in the browser whenever viewed within the application. Because SVGs are XML-based and allow scripting, they execute in the origin context of the application, enabling full stored XSS. This vulnerability is fixed in 2.2.3.
XSS
File Upload
Filerise
-
CVE-2025-66400
MEDIUM
CVSS 5.3
mdast-util-to-hast is an mdast utility to transform to hast. From 13.0.0 to before 13.2.1, multiple (unprefixed) classnames could be added in markdown source by using character references. This could make rendered user supplied markdown code elements appear like the rest of the page. This vulnerability is fixed in 13.2.1.
Information Disclosure
Mdast Util To Hast
Redhat
Suse
-
CVE-2025-66312
MEDIUM
CVSS 5.4
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the /admin/accounts/groups/Grupo endpoint of the Grav application. This vulnerability allows attackers to inject malicious scripts into the data[readableName] parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 1.11.0-beta.1.
XSS
Grav Plugin Admin
-
CVE-2025-66311
MEDIUM
CVSS 5.4
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the /admin/pages/[page] endpoint of the Grav application. This vulnerability allows attackers to inject malicious scripts into the data[header][metadata], data[header][taxonomy][category], and data[header][taxonomy][tag] parameters. These scripts are stored in the page frontmatter and executed automatically whenever the affected page is accessed or rendered in the administrative interface. This vulnerability is fixed in 1.11.0-beta.1.
XSS
Grav Plugin Admin
-
CVE-2025-66310
MEDIUM
CVSS 5.4
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the /admin/pages/[page] endpoint of the Grav application. This vulnerability allows attackers to inject malicious scripts into the data[header][template] parameter. The script is saved within the page's frontmatter and executed automatically whenever the affected content is rendered in the administrative interface or frontend view. This vulnerability is fixed in 1.11.0-beta.1.
XSS
Grav Plugin Admin
-
CVE-2025-66309
MEDIUM
CVSS 6.1
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the /admin/pages/[page] endpoint of the Grav application. This vulnerability allows attackers to inject malicious scripts into the data[header][content][items] parameter. This vulnerability is fixed in 1.11.0-beta.1.
XSS
Grav Plugin Admin
-
CVE-2025-66308
MEDIUM
CVSS 5.4
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the /admin/config/site endpoint of the Grav application. This vulnerability allows attackers to inject malicious scripts into the data[taxonomies] parameter. The injected payload is stored on the server and automatically executed in the browser of any user who accesses the affected site configuration, resulting in a persistent attack vector. This vulnerability is fixed in 1.11.0-beta.1.
XSS
Grav Plugin Admin
-
CVE-2025-66307
MEDIUM
CVSS 6.5
A security vulnerability in This admin (CVSS 6.5). Risk factors: public PoC available. Vendor patch is available.
Information Disclosure
Grav Plugin Admin
-
CVE-2025-66306
MEDIUM
CVSS 4.3
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, there is an IDOR (Insecure Direct Object Reference) vulnerability in the Grav CMS Admin Panel which allows low-privilege users to access sensitive information from other accounts. Although direct account takeover is not possible, admin email addresses and other metadata can be exposed, increasing the risk of phishing, credential stuffing, and social engineering. This vulnerability is fixed in 1.8.0-beta.27.
Authentication Bypass
Grav
-
CVE-2025-66305
MEDIUM
CVSS 4.9
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Denial of Service (DoS) vulnerability was identified in the "Languages" submenu of the Grav admin configuration panel (/admin/config/system). Specifically, the Supported parameter fails to properly validate user input. If a malformed value is inserted, such as a single forward slash (/) or an XSS test string, it causes a fatal regular expression parsing error on the server. This leads to application-wide failure due to the use of the preg_match() function with an improperly constructed regular expression, resulting in an error. Once triggered, the site becomes completely unavailable to all users. This vulnerability is fixed in 1.8.0-beta.27.
Denial Of Service
XSS
Grav
-
CVE-2025-66304
MEDIUM
CVSS 6.2
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, users with read access on the user account management section of the admin panel can view the password hashes of all users, including the admin user. This exposure can potentially lead to privilege escalation if an attacker can crack these password hashes. This vulnerability is fixed in 1.8.0-beta.27.
Information Disclosure
Privilege Escalation
Grav
-
CVE-2025-66303
MEDIUM
CVSS 4.9
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Denial of Service (DoS) vulnerability has been identified in Grav related to the handling of scheduled_at parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the scheduled_at parameter with a malicious input, such as a single quote, the application admin panel becomes non-functional, causing significant disruptions to administrative operations. The only way to recover from this issue is to manually access the host server and modify the backup.yaml file to correct the corrupted cron expression. This vulnerability is fixed in 1.8.0-beta.27.
Denial Of Service
Grav
-
CVE-2025-66302
MEDIUM
CVSS 6.8
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a path traversal vulnerability has been identified in Grav CMS, allowing authenticated attackers with administrative privileges to read arbitrary files on the underlying server filesystem. This vulnerability arises due to insufficient input sanitization in the backup tool, where user-supplied paths are not properly restricted, enabling access to files outside the intended webroot directory. The impact of this vulnerability depends on the privileges of the user account running the application. This vulnerability is fixed in 1.8.0-beta.27.
Path Traversal
Grav
-
CVE-2025-66206
MEDIUM
CVSS 6.8
Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, certain requests were vulnerable to path traversal attacks, wherein some files from the server could be retrieved if the full path was known. Sites hosted on Frappe Cloud, and even other setups that are behind a reverse proxy like NGINX are unaffected. This would mainly affect someone directly using werkzeug/gunicorn. In those cases, either an upgrade or changing the setup to use a reverse proxy is recommended. This vulnerability is fixed in 15.86.0 and 14.99.2.
Nginx
Path Traversal
Frappe
-
CVE-2025-65622
MEDIUM
CVSS 5.4
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged authenticated user to inject JavaScript that executes in another user's session.
XSS
Debian
Snipe It
-
CVE-2025-65621
MEDIUM
CVSS 5.4
Snipe-IT before 8.3.4 allows stored XSS, allowing a low-privileged authenticated user to inject JavaScript that executes in an administrator's session, enabling privilege escalation.
Privilege Escalation
XSS
Debian
Snipe It
-
CVE-2025-65408
MEDIUM
CVSS 6.5
A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.
Denial Of Service
Null Pointer Dereference
Ubuntu
Debian
Streaming Media
-
CVE-2025-65407
MEDIUM
CVSS 6.5
A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream.
Denial Of Service
Memory Corruption
Use After Free
Ubuntu
Debian
-
CVE-2025-65406
MEDIUM
CVSS 6.5
A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file.
Heap Overflow
Denial Of Service
Buffer Overflow
Ubuntu
Debian
-
CVE-2025-65405
MEDIUM
CVSS 6.5
A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.
Denial Of Service
Memory Corruption
Use After Free
Ubuntu
Debian
-
CVE-2025-65404
MEDIUM
CVSS 6.5
A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.
Denial Of Service
Buffer Overflow
Ubuntu
Debian
Streaming Media
-
CVE-2025-65403
MEDIUM
CVSS 6.5
A buffer overflow in the g_cfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Denial Of Service
Buffer Overflow
Lightftp
-
CVE-2025-64030
MEDIUM
CVSS 5.4
Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable to authenticated stored cross-site scripting (CWE-79) via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPL_INFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript execution in their browsers.
XSS
Eximbills Enterprise
-
CVE-2025-63529
MEDIUM
CVSS 6.1
A session fixation vulnerability exists in Blood Bank Management System 1.0 in login.php that allows an attacker to set or predict a user's session identifier prior to authentication. When the victim logs in, the application continues to use the attacker-supplied session ID rather than generating a new one, enabling the attacker to hijack the authenticated session and gain unauthorized access to the victim's account.
PHP
Authentication Bypass
Blood Bank Management System
-
CVE-2025-63523
MEDIUM
CVSS 6.5
FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes.
Information Disclosure
Buffer Overflow
Feehicms
-
CVE-2025-63522
MEDIUM
CVSS 4.6
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function.
XSS
Feehicms
-
CVE-2025-63520
MEDIUM
CVSS 6.1
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 via the id parameter of the User Update function (?r=user%2Fupdate).
XSS
Feehicms
-
CVE-2025-63317
MEDIUM
CVSS 5.4
Todoist v8896 is vulnerable to Cross Site Scripting (XSS) in /api/v1/uploads. Uploaded SVG files have no sanitization applied, so embedded JavaScript executes when a user opens the attachment from a task/comment.
XSS
Todoist
-
CVE-2025-63095
MEDIUM
CVSS 6.5
Improper input validation in the BitstreamWriter::write_bits() function of Tempus Ex hello-video-codec v0.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Denial Of Service
Hello Video Codec
-
CVE-2025-58408
MEDIUM
CVSS 5.9
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free.
The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in which the reference counts can become unbalanced. This can lead to the premature destruction of a resource while in use.
Denial Of Service
Memory Corruption
Use After Free
Ddk
-
CVE-2025-58044
MEDIUM
CVSS 6.1
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and v4.10.5, the /core/i18n// endpoint uses the Referer header as the redirection target without proper validation, which could lead to an Open Redirect vulnerability. This vulnerability is fixed in v3.10.19 and v4.10.5.
Open Redirect
Jumpserver
-
CVE-2025-49643
MEDIUM
CVSS 6.5
An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.
PHP
Denial Of Service
Ubuntu
Debian
Frontend
-
CVE-2025-49642
MEDIUM
CVSS 5.8
CVE-2025-49642 is a security vulnerability (CVSS 5.8). Remediation should follow standard vulnerability management procedures.
Information Disclosure
Debian
Suse
-
CVE-2025-41739
MEDIUM
CVSS 5.9
An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service.
Information Disclosure
Denial Of Service
Buffer Overflow
-
CVE-2025-41070
MEDIUM
CVSS 4.8
Reflected Cross-site Scripting (XSS) vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetes_varies.php'. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
PHP
XSS
-
CVE-2025-27232
MEDIUM
CVSS 4.9
An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.
SSRF
Ubuntu
Debian
Frontend
Redhat
-
CVE-2025-13837
MEDIUM
CVSS 5.5
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues
Denial Of Service
Ubuntu
Debian
Python
Redhat
-
CVE-2025-13835
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tyche Softwares Arconix Shortcodes allows Stored XSS. This issue affects Arconix Shortcodes: from n/a through 2.1.19.
XSS
-
CVE-2025-13819
MEDIUM
CVSS 6.1
Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks.
Open Redirect
-
CVE-2025-13816
MEDIUM
CVSS 6.3
A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Path Traversal
Mogublog
-
CVE-2025-13815
MEDIUM
CVSS 6.3
A weakness has been identified in moxi159753 Mogu Blog v2 up to 5.2. The affected element is an unknown function of the file /file/pictures. This manipulation of the argument filedatas causes unrestricted upload. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Authentication Bypass
File Upload
Mogublog
-
CVE-2025-13813
MEDIUM
CVSS 5.6
A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitability is assessed as difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Authentication Bypass
Mogublog
-
CVE-2025-13811
MEDIUM
CVSS 6.3
A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing a manipulation of the argument sort can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
SQLi
Java
Webstack Guns
-
CVE-2025-13810
MEDIUM
CVSS 5.3
A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Java
Path Traversal
Webstack Guns
-
CVE-2025-13809
MEDIUM
CVSS 6.3
A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection Handler. Such manipulation of the argument host/sshPort/username/password/authType leads to server-side request forgery. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. A patch should be applied to remediate this issue. The vendor was contacted early about this disclosure but did not respond in any way.
Java
SSRF
Orion Ops
-
CVE-2025-13807
MEDIUM
CVSS 4.3
A security vulnerability in orionsec orion-ops (CVSS 4.3). Risk factors: public PoC available.
Information Disclosure
Java
Orion Ops
-
CVE-2025-13804
MEDIUM
CVSS 4.3
A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
Information Disclosure
Java
-
CVE-2025-13802
MEDIUM
CVSS 4.3
A vulnerability was determined in jairiidriss RestaurantWebsite up to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654. Impacted is an unknown function of the component Make a Reservation. This manipulation of the argument selected_date causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continuous delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
XSS
-
CVE-2025-13800
MEDIUM
CVSS 6.3
A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the file /send_order.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
B Qe2w401 Firmware
-
CVE-2025-13799
MEDIUM
CVSS 6.3
A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function ap_macfilter_del of the file /send_order.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
B Qe2w401 Firmware
-
CVE-2025-13798
MEDIUM
CVSS 6.3
A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function ap_macfilter_add of the file /send_order.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
B Qe2w401 Firmware
-
CVE-2025-13797
MEDIUM
CVSS 6.3
A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Performing manipulation of the argument del_swifimac results in command injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
B Qe2w401 Firmware
-
CVE-2025-13796
MEDIUM
CVSS 6.3
A security vulnerability has been detected in deco-cx apps up to 0.120.1. Affected by this vulnerability is the function AnalyticsScript of the file website/loaders/analyticsScript.ts of the component Parameter Handler. Such manipulation of the argument url leads to server-side request forgery. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 0.120.2 addresses this issue. It is suggested to upgrade the affected component.
SSRF
-
CVE-2025-13653
MEDIUM
CVSS 4.3
In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges.
Information Disclosure
-
CVE-2025-13296
MEDIUM
CVSS 5.4
Cross-Site Request Forgery (CSRF) vulnerability in Tekrom Technology Inc. T-Soft E-Commerce allows Cross Site Request Forgery. This issue affects T-Soft E-Commerce: through 28112025.
CSRF
-
CVE-2025-13129
MEDIUM
CVSS 4.3
A remote code execution vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-12756
MEDIUM
CVSS 4.3
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to validate user permissions when deleting comments in Boards, which allows an authenticated user with the editor role to delete comments created by other users.
Authentication Bypass
Debian
Mattermost Server
Suse
-
CVE-2025-11772
MEDIUM
CVSS 6.6
A privilege escalation vulnerability (CVSS 6.6) that allows a local user. Remediation should follow standard vulnerability management procedures.
RCE
-
CVE-2025-8045
MEDIUM
CVSS 4.0
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.
Denial Of Service
Memory Corruption
Use After Free
Valhall Gpu Kernel Driver
5th Gen Gpu Architecture Kernel Driver
-
CVE-2025-6349
MEDIUM
CVSS 5.1
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.
Denial Of Service
Memory Corruption
Use After Free
Valhall Gpu Kernel Driver
5th Gen Gpu Architecture Kernel Driver
-
CVE-2025-2879
MEDIUM
CVSS 5.1
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data. This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0.
Information Disclosure
Valhall Gpu Kernel Driver
5th Gen Gpu Architecture Kernel Driver
-
CVE-2024-48894
MEDIUM
CVSS 5.9
A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
Information Disclosure
Diris M 70 Firmware
-
CVE-2024-32388
MEDIUM
CVSS 5.3
CVE-2024-32388 is a security vulnerability (CVSS 5.3) that allows an attacker. Remediation should follow standard vulnerability management procedures.
Authentication Bypass
Keros
-
CVE-2024-32384
MEDIUM
CVSS 6.8
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device.
Information Disclosure
Keros
-
CVE-2025-65794
None
Rejected reason: DO NOT USE THIS CVE RECORD. No vendor patch available.
Information Disclosure
-
CVE-2025-65793
None
Rejected reason: DO NOT USE THIS CVE RECORD. No vendor patch available.
Information Disclosure
-
CVE-2025-13805
LOW
CVSS 3.7
A weakness has been identified in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This affects the function getInputStream of the file nutzcloud/nutzcloud-literpc/src/main/java/org/nutz/boot/starter/literpc/impl/endpoint/http/HttpServletRpcEndpoint.java of the component LiteRpc-Serializer. Executing a manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been made available to the public and could be used for attacks.
Deserialization
Java
-
CVE-2024-51999
LOW
CVSS 2.7
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure