Skip to main content
CVE-2025-59718 CRITICAL KEV EUVD KEV THREAT Emergency

Authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager allows unauthenticated remote attackers to defeat FortiCloud SSO login by submitting a crafted SAML response, due to improper verification of the response's cryptographic signature. The flaw is confirmed actively exploited (CISA KEV), with Arctic Wolf observing malicious SSO logins in the wild, and EPSS rates it at the 93rd percentile of likelihood. Combined with a 9.8 CVSS score and CWE-347 root cause, this is a top-priority patching target for any organization running affected Fortinet management planes.

Fortinet Authentication Bypass Jwt Attack
NVD VulDB
CVSS 3.1
9.8
EPSS
9.5%
CVE-2025-65882 CRITICAL POC PATCH Act Now

OS command injection in OpenMPTCProuter through version 0.64 lets attackers write arbitrary files or execute arbitrary commands via the create_xor_ipad_opad function in the sysupgrade helper (common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c). Publicly available exploit code exists (published as a GitHub gist), and a vendor fix is available as an upstream commit; the flaw is not listed in CISA KEV and carries a modest EPSS of 0.59% (44th percentile), indicating no confirmed active exploitation at time of analysis. The submitted CVSS of 9.8 assumes remote unauthenticated access, but because the vulnerable code path is a firmware-upgrade helper, real-world exploitation likely depends on access to the router's upgrade functionality — verify against your deployment.

Command Injection Openmptcprouter
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-59719 CRITICAL EUVD KEV Act Now

Authentication bypass in Fortinet FortiWeb 8.0.0, 7.6.0-7.6.4, and 7.4.0-7.4.9 allows unauthenticated remote attackers to circumvent FortiCloud SSO login by sending a crafted SAML response message. The flaw stems from improper cryptographic signature verification (CWE-347), enabling forgery of authentication assertions. No public exploit identified at time of analysis, EPSS sits at 0.26% (50th percentile), and the issue is not currently listed in CISA KEV, though Fortinet products have historically been high-value targets.

Fortinet Authentication Bypass Jwt Attack Fortiweb
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-14324 CRITICAL PATCH Act Now

JIT compiler miscompilation in Mozilla's JavaScript engine allows remote code execution without authentication in Firefox (versions <146, <115.31 ESR, <140.6 ESR) and Thunderbird (versions <146, <140.6 ESR). The CVSS 9.8 critical score reflects network-based exploitation requiring no user interaction. EPSS score of 0.10% (27th percentile) suggests low predicted exploitation probability despite severity. No public exploit identified at time of analysis, and vendor-released patches are available across all affected product lines per Mozilla security advisories MFSA2025-92 through MFSA2025-96.

Mozilla RCE Code Injection Thunderbird Red Hat +1
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-14330 CRITICAL PATCH Act Now

Just-In-Time (JIT) compilation flaws in Mozilla's JavaScript engine allow unauthenticated remote attackers to achieve arbitrary code execution with high integrity and availability impact across Firefox and Thunderbird. Affects Firefox <146, Firefox ESR <140.6, Thunderbird <146, and Thunderbird ESR <140.6. Despite a critical CVSS 9.8 score, EPSS probability remains low at 0.09% (25th percentile), and no public exploit or active exploitation (CISA KEV) has been identified at time of analysis. Vendor-released patches are available across all affected product lines.

Mozilla Buffer Overflow Thunderbird Red Hat Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-14321 CRITICAL PATCH Act Now

Remote code execution via use-after-free in Mozilla Firefox and Thunderbird WebRTC signaling allows unauthenticated network attackers to execute arbitrary code without user interaction. Affects Firefox <146, Firefox ESR <140.6, Thunderbird <146, and Thunderbird ESR <140.6. Vendor-released patches available (Firefox 146, Firefox ESR 140.6, Thunderbird 146, Thunderbird 140.6). CVSS 9.8 (critical) reflects maximum technical severity, though EPSS 0.09% (25th percentile) and absence from CISA KEV suggest limited real-world exploitation at time of analysis. No public exploit identified at time of analysis.

Memory Corruption Mozilla Use After Free Information Disclosure Thunderbird +2
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-14326 CRITICAL PATCH Act Now

Remote code execution in Mozilla Firefox and Thunderbird (pre-146) allows unauthenticated network attackers to execute arbitrary code via a use-after-free flaw in the GMP (Gecko Media Plugin) audio/video component. Despite a critical CVSS 9.8 rating, EPSS probability remains low (0.08%, 23rd percentile), and no public exploit identified at time of analysis. Mozilla patched both products in version 146, with vendor advisories and technical details available via Bugzilla.

Memory Corruption Mozilla Use After Free Information Disclosure Thunderbird +2
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-12504 CRITICAL Act Now

Unauthenticated SQL injection in Talent Software UNIS versions prior to 42321 allows remote attackers to manipulate backend database queries over the network without any authentication or user interaction. The vulnerability carries a CVSS 9.8 rating reflecting full compromise potential across confidentiality, integrity, and availability, and was reported by Turkey's national CSIRT (USOM), though no public exploit code or CISA KEV listing has been identified at time of analysis.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-11022 CRITICAL Act Now

Cross-site request forgery in Panilux versions before 0.10.0 can be chained to command injection, allowing remote attackers to execute arbitrary operating system commands when an authenticated user is tricked into visiting a malicious page. The CVSS 9.6 (AV:N/AC:L/PR:N/UI:R/S:C) reflects scope change and full CIA impact, though exploitation requires user interaction and the affected vendor has denied ownership of the product, complicating disclosure. EPSS is very low at 0.04% (11th percentile) and no public exploit is identified at time of analysis.

CSRF Command Injection
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy