Skip to main content
CVE-2025-55182 CRITICAL POC KEV EUVD KEV PATCH THREAT Act Now

React Server Components in React 19.x contain a critical pre-authentication remote code execution vulnerability (CVE-2025-55182, CVSS 10.0) through unsafe deserialization of HTTP request payloads. With EPSS 71.1% and KEV listing, this vulnerability affects any application using React Server Components with react-server-dom-webpack, react-server-dom-turbopack, or react-server-dom-parcel — enabling complete server compromise through a single HTTP request.

Deserialization RCE React Next.Js Red Hat +1
NVD GitHub Exploit-DB VulDB
CVSS 3.1
10.0
EPSS
71.1%
Threat
9.1
CVE-2025-13486 CRITICAL POC THREAT Emergency

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes it possible for unauthenticated attackers to execute arbitrary code on the server, which can be leveraged to inject backdoors or create new administrative user accounts.

WordPress Code Injection RCE PHP
NVD
CVSS 3.1
9.8
EPSS
75.3%
Threat
5.7
CVE-2025-13390 CRITICAL POC PATCH Act Now

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk_generate_auto_login_link" function. This is due to the feature using a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token.

Authentication Bypass WordPress Wp Directory Kit PHP
NVD GitHub
CVSS 3.1
10.0
EPSS
0.7%
CVE-2024-32641 CRITICAL POC PATCH Act Now

Masa CMS is an open source Enterprise Content Management platform. Masa CMS versions prior to 7.2.8, 7.3.13, and 7.4.6 are vulnerable to remote code execution. The vulnerability exists in the addParam function, which accepts user input via the criteria parameter. This input is subsequently evaluated by setDynamicContent, allowing an unauthenticated attacker to execute arbitrary code via the m tag. The vulnerability is patched in versions 7.2.8, 7.3.13, and 7.4.6.

Code Injection RCE Masacms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-64055 CRITICAL POC Act Now

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

File Upload Authentication Bypass X210 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-66489 CRITICAL POC PATCH Act Now

A remote code execution vulnerability in Cal.com (CVSS 9.8) that allows an attacker. Risk factors: public PoC available.

Authentication Bypass Cal.Com
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-66222 CRITICAL POC PATCH Act Now

DeepChat is a smart assistant uses artificial intelligence. In 0.5.0 and earlier, there is a Stored Cross-Site Scripting (XSS) vulnerability in the Mermaid diagram renderer allows an attacker to execute arbitrary JavaScript within the application context. By leveraging the exposed Electron IPC bridge, this XSS can be escalated to Remote Code Execution (RCE) by registering and starting a malicious MCP (Model Context Protocol) server.

Code Injection XSS RCE Deepchat
NVD GitHub
CVSS 3.1
9.6
EPSS
0.3%
CVE-2025-57201 HIGH POC This Week

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

Command Injection Dgm1104 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.1%
CVE-2025-57199 HIGH POC This Week

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

Command Injection Dgm1104 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2025-57198 HIGH POC This Week

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

Command Injection Dgm1104 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-32642 HIGH POC PATCH This Week

Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, there is vulnerable to host header poisoning which allows account takeover via password reset email. This vulnerability is fixed in 7.2.8, 7.3.13, and 7.4.6.

Information Disclosure Masacms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-50360 HIGH POC This Week

A heap buffer overflow in compiler.c and compiler.h in Pepper language 0.1.1commit 961a5d9988c5986d563310275adad3fd181b2bb7. Malicious execution of a pepper source file(.pr) could lead to arbitrary code execution or Denial of Service.

Buffer Overflow Heap Overflow Denial Of Service RCE Pepper
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-66411 HIGH POC PATCH This Week

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace (VM, K8s Pod etc.) or a third-party system (SIEM, logging stack) could access those logs. This vulnerability is fixed in 2.26.5, 2.27.7, and 2.28.4.

Kubernetes Information Disclosure Coder Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-65843 HIGH POC This Week

Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the ~/Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius recursively enumerates logs using a JUCE directory iterator configured to follow symlinks, and later writes file data without validating whether the target is a symbolic link. A local attacker can exploit this behavior by planting symlinks to arbitrary filesystem locations, resulting in unauthorized disclosure or modification of arbitrary files. When chained with the associated HelperTool privilege escalation issue, root-owned files may also be exposed.

Privilege Escalation Apple Aquarius macOS
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-57200 MEDIUM POC This Month

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the test_mail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

Command Injection Dgm1104 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
5.3%
CVE-2025-65868 HIGH POC This Week

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

XXE Denial Of Service Eyoucms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-32643 HIGH POC PATCH This Week

Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, if the URL to the page is modified to include a /tag/ declaration, the CMS will render the page regardless of group restrictions. This vulnerability is fixed in 7.2.8, 7.3.13, and 7.4.6.

Authentication Bypass Masacms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-65320 HIGH POC This Week

Abacre Restaurant Point of Sale (POS) up to 15.0.0.1656 are vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory during an activation attempt.

Information Disclosure Restaurant Point Of Sale
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-66293 HIGH POC PATCH This Week

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.

Buffer Overflow Information Disclosure Ubuntu Debian Libpng +2
NVD GitHub
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-64527 MEDIUM POC PATCH This Month

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy crashes when JWT authentication is configured with the remote JWKS fetching, allow_missing_or_failed is enabled, multiple JWT tokens are present in the request headers and the JWKS fetch fails. This is caused by a re-entry bug in the JwksFetcherImpl. When the first token's JWKS fetch fails, onJwksError() callback triggers processing of the second token, which calls fetch() again on the same fetcher object. The original callback's reset() then clears the second fetch's state (receiver_ and request_) which causes a crash when the async HTTP response arrives.

Null Pointer Dereference Denial Of Service Debian Envoy Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-66404 MEDIUM POC PATCH This Month

MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.

Command Injection Kubernetes Mcp Server Kubernetes
NVD GitHub
CVSS 3.1
6.4
EPSS
0.3%
CVE-2025-65841 MEDIUM POC This Month

Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate recovery of the plaintext value. Any attacker who can read this settings file can fully compromise the victim's Aquarius account by importing the stolen configuration into their own client or login through the vendor website. This results in complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform authenticated actions as the user.

Authentication Bypass Apple Aquarius
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2025-62686 MEDIUM POC This Month

A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a __RESTRICT segment, a local user may exploit the DYLD_INSERT_LIBRARIES environment variable to inject a dynamic library, potentially resulting in code execution with elevated privileges.

Privilege Escalation Apple RCE Installation Manager macOS
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-55076 MEDIUM POC This Month

A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system(), which may allow a local user to execute arbitrary commands with root privileges.

Privilege Escalation Apple Installation Manager macOS
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-57202 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.

XSS Dgm1104 Firmware
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-34319 CRITICAL Act Now

TOTOLINK N300RT wireless router firmware versions prior to V3.4.0-B20250430 (discovered in V2.1.8-B20201030.1539) contain an OS command injection vulnerability in the Boa formWsc handling functionality. An unauthenticated attacker can send specially crafted requests to trigger command execution via the targetAPSsid request parameter.

Command Injection TOTOLINK
NVD
CVSS 4.0
9.3
EPSS
3.4%
CVE-2025-66208 CRITICAL PATCH Act Now

Collabora Online - Built-in CODE Server (richdocumentscode) provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE (OS Command Injection) in richdocumentscode proxy. Users of Nextcloud with Collabora Online - Built-in CODE Server app can be vulnerable to attack via proxy.php and an intermediate reverse proxy. This vulnerability is fixed in 25.04.702.

PHP Command Injection Online Nextcloud
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-13342 CRITICAL Act Now

A security vulnerability in Frontend Admin by DynamiApps (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Authentication Bypass WordPress PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-66032 CRITICAL POC PATCH Act Now

Claude Code is an agentic coding tool. Prior to 1.0.93, Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This vulnerability is fixed in 1.0.93.

Command Injection RCE Claude Code
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-64443 CRITICAL PATCH Act Now

A security vulnerability in MCP Gateway (CVSS 9.6). Critical severity with potential for significant impact on affected systems. Vendor patch is available.

Information Disclosure Mcp Gateway Suse
NVD GitHub
CVSS 3.1
9.6
EPSS
0.0%
CVE-2025-13945 MEDIUM POC PATCH This Month

HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service

Denial Of Service Ubuntu Debian Wireshark Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-13946 MEDIUM POC PATCH This Month

MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service

Denial Of Service Ubuntu Debian Wireshark Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-50361 MEDIUM POC This Month

Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v12_28, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and crash.

Buffer Overflow Debian Smallbasic
NVD GitHub
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-65842 MEDIUM POC This Month

The Aquarius HelperTool (1.0.003) privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights with a NULL reference, causing all authorization checks to succeed. The executeCommand:authorization:withReply: method then interpolates attacker-controlled input into NSTask and executes it with root privileges. A local attacker can exploit these weaknesses to run arbitrary commands as root, create persistent backdoors, or obtain a fully interactive root shell.

Privilege Escalation Apple Aquarius Helpertool macOS
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-65267 CRITICAL Act Now

In ERPNext v15.83.2 and Frappe Framework v15.86.0, improper validation of uploaded SVG avatar images allows attackers to embed malicious JavaScript. The payload executes when an administrator clicks the image link to view the avatar, resulting in stored cross-site scripting (XSS). Successful exploitation may lead to account takeover, privilege escalation, or full compromise of the affected ERPNext instance.

Privilege Escalation XSS Erpnext Frappe
NVD GitHub
CVSS 3.1
9.0
EPSS
0.1%
CVE-2025-66220 MEDIUM POC PATCH This Month

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy’s mTLS certificate matcher for match_typed_subject_alt_names may incorrectly treat certificates containing an embedded null byte (\0) inside an OTHERNAME SAN value as valid matches.

Information Disclosure Debian Envoy Red Hat
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-33208 HIGH PATCH This Week

NVIDIA TAO contains a vulnerability where an attacker may cause a resource to be loaded via an uncontrolled search path. A successful exploit of this vulnerability may lead to escalation of privileges, data tampering, denial of service, information disclosure.

Information Disclosure Denial Of Service Tao Toolkit
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-12744 HIGH POC PATCH This Week

A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.

Docker Command Injection Red Hat Suse
NVD Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-12385 HIGH PATCH This Week

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Microsoft Apple Google Denial Of Service Ubuntu +4
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-20387 HIGH PATCH This Week

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

Microsoft Information Disclosure Splunk Windows
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-20386 HIGH PATCH This Week

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

Microsoft Information Disclosure Splunk Windows
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-54065 HIGH This Week

GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom engine. In versions 4.14.2 and earlier, ZScript actor state handling allows scripts to read arbitrary addresses, write constants into the JIT-compiled code section, and redirect control flow through crafted FState and VMFunction structures. A script can copy FState structures into a writable buffer, modify function pointers and state transitions, and cause execution of attacker-controlled bytecode, leading to arbitrary code execution.

RCE Debian
NVD GitHub
CVSS 3.1
7.9
EPSS
0.0%
CVE-2025-66431 HIGH PATCH This Week

A remote code execution vulnerability in WebPros Plesk before 18.0.73.5 and 18.0.74 before 18.0.74.2 on Linux (CVSS 7.8) that allows remote authenticated users. High severity vulnerability requiring prompt remediation.

RCE
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-53841 HIGH PATCH This Week

The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

Microsoft Privilege Escalation OpenSSL Windows
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-7044 HIGH PATCH This Week

An Improper Input Validation vulnerability exists in the user websocket handler of MAAS. An authenticated, unprivileged attacker can intercept a user.update websocket request and inject the is_superuser property set to true. The server improperly validates this input, allowing the attacker to self-promote to an administrator role. This results in full administrative control over the MAAS deployment.

Privilege Escalation Maas
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-65027 HIGH POC PATCH This Week

RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. RomM contains multiple unrestricted file upload vulnerabilities that allow authenticated users to upload malicious SVG or HTML files. When these files are accessed the browser executes embedded JavaScript, leading to stored Cross-Site Scripting (XSS) which when combined with a CSRF misconfiguration they lead to achieve full administrative account takeover, creating a rogue admin account, escalating the attacker account role to admin, and much more. This vulnerability is fixed in 4.4.1 and 4.4.1-beta.2.

File Upload CSRF XSS Romm
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2024-3884 HIGH PATCH GHSA This Week

A flaw was found in Undertow that can cause remote denial of service attacks.

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-13646 HIGH PATCH This Week

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files with race condition on the affected site's server which may make remote code execution possible.

File Upload WordPress RCE Modula Image Gallery PHP
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-12819 HIGH PATCH This Week

Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious search_path parameter in the StartupMessage.

Information Disclosure Ubuntu Debian Pgbouncer
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-33211 HIGH This Week

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service.

Denial Of Service Triton Inference Server
NVD
CVSS 3.1
7.5
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy