Skip to main content
CVE-2025-67506 CRITICAL POC PATCH Act Now

A critical authentication bypass and path traversal vulnerability in PipesHub AI platform allows unauthenticated remote attackers to upload files with directory traversal sequences, enabling arbitrary file writes anywhere the service account has permissions. This vulnerability affects PipesHub versions prior to 0.1.0-beta and has a publicly available proof-of-concept exploit, making it an immediate priority for organizations using this enterprise search and workflow automation platform. With a CVSS score of 9.8 and the ability to plant malicious code or overwrite critical files, this represents a severe risk to affected systems.

Authentication Bypass File Upload Pipeshub
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-65807 HIGH POC This Week

Local privilege escalation in the sd command-line find-and-replace utility (versions 1.0.0 and earlier, by chmln) allows a local attacker to gain root privileges through a crafted command. The flaw stems from incorrect privilege assignment (CWE-266) and is exploitable locally with no authentication indicated by the CVSS vector (PR:N), yielding full confidentiality, integrity, and availability compromise. Publicly available exploit code exists (proof-of-concept gist), though the EPSS score is low at 0.18% (8th percentile), and the CVE is not listed in CISA KEV.

Privilege Escalation Sd Suse
NVD GitHub
CVSS 3.1
8.4
EPSS
0.2%
CVE-2025-65828 MEDIUM POC This Month

Unauthenticated Bluetooth Low Energy (BLE) command execution against the Meatmeet Pro WiFi & Bluetooth Meat Thermometer firmware 1.0.34.4 allows any proximity attacker to issue shutdown, restart, or factory-reset commands without credentials, resulting in a denial of service. The clear-config command is particularly disruptive: it dissociates the device from its owner account, severing the connection to the Meatmeet cloud backend and requiring full device re-provisioning before temperature data can be received again. A public proof-of-concept is available via a GitHub gist, though EPSS sits at 0.27% (19th percentile), reflecting the niche consumer IoT footprint rather than low technical reproducibility.

Authentication Bypass Denial Of Service Meatmeet Pro Wifi Bluetooth Meat Thermometer Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-14087 CRITICAL PATCH Act Now

Heap corruption in GLib (GNOME's core C utility library) lets remote attackers trigger a buffer-underflow in the GVariant parser by supplying maliciously crafted serialized/text input, resulting in denial of service and potentially arbitrary code execution. Any application linking GLib that deserializes untrusted GVariant data is exposed, which spans broad swaths of the Linux desktop and system stack across Red Hat Enterprise Linux 7-10 and SUSE. There is no public exploit identified at time of analysis, and EPSS exploitation probability is low (0.26%, 49th percentile) despite the 9.8 CVSS, indicating the headline severity is not yet matched by observed exploitation interest.

Denial Of Service RCE Integer Overflow Glib Enterprise Linux
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-13955 CRITICAL Act Now

Wireless network compromise of EZCast Pro II dongles before version 1.17478.177 occurs because the device's Access Point mode uses a predictable default Wi-Fi password derived from observable identifiers, allowing any attacker within radio range to compute the credential and join the dongle's network. CVSS 4.0 score 9.3 reflects adjacent-network attack vector with no authentication required, and no public exploit identified at time of analysis, though the algorithm is reportedly reversible from broadcast data.

Information Disclosure
NVD VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2025-13954 CRITICAL Act Now

Authorization bypass in EZCast Pro II wireless presentation devices before firmware 1.17478.177 allows adjacent-network attackers to obtain full administrative control of the device Admin UI by leveraging hard-coded cryptographic keys (CWE-798). The flaw was reported through Switzerland's NCSC coordinated vulnerability disclosure programme and carries a CVSS v4.0 base score of 9.3 with automatable exploitation flagged in the vector. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Authentication Bypass
NVD VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2025-7073 HIGH This Week

Bitdefender Total Security, Antivirus, Internet Security, and Endpoint Security Tools prior to version 27.0.47.241 allow local attackers with low privileges to execute arbitrary code as SYSTEM through a complex attack chain. The bdservicehost.exe service deletes files from C:\ProgramData\Atc\Feedback without validating symbolic links (CWE-59), enabling arbitrary file deletion that attackers chain with network-triggered file copy operations and filter driver bypass via DLL injection to achieve full privilege escalation. EPSS indicates 0.02% exploitation probability (6th percentile), and no public exploit code or active exploitation has been identified at time of analysis. Vendor has released patches addressing this multi-stage local escalation vector.

Privilege Escalation RCE
NVD VulDB
CVSS 4.0
8.8
EPSS
0.0%
CVE-2025-61813 HIGH This Week

XML External Entity (XXE) injection in Adobe ColdFusion 2025.4, 2023.16, 2021.22 and earlier allows remote attackers to read arbitrary files from the server filesystem via maliciously crafted XML documents requiring user interaction. The vulnerability achieves scope change (CVSS S:C), meaning exploitation can affect resources beyond the vulnerable component. Adobe has released patches in APSB25-105. No confirmed active exploitation (CISA KEV) or public POC identified at time of analysis. EPSS data not available.

XXE
NVD VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2025-63895 HIGH This Week

Denial of service in the Bluetooth firmware of the JXL 9-inch Car Android Double Din Player (Android v12.0) lets an attacker within Bluetooth range crash the head unit by sending a malformed Link Manager Protocol (LMP) packet. The flaw sits in the low-level Bluetooth baseband/link layer, so no pairing or user interaction is needed to disrupt availability of the in-vehicle infotainment system. There is no public exploit identified at time of analysis, and the EPSS probability is low (0.28%, 20th percentile), consistent with a niche automotive product rather than a mass-exploited target.

Denial Of Service Google Jxl 9 Inch Car Android Double Din Player Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-1161 HIGH This Week

Privilege escalation in NomySoft Nomysem (versions through May 2025) allows remote attackers with low privileges to gain elevated rights by abusing improperly used privileged APIs. The CVSS 7.1 score reflects high attack complexity and required user interaction, and no public exploit identified at time of analysis tempers immediate risk despite the high impact ceiling.

Privilege Escalation
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-34429 HIGH This Week

Cross-site request forgery in 1Panel (versions 1.10.33 through 2.0.15) lets a remote attacker change the TCP port the web management service listens on by luring an authenticated administrator to a malicious webpage. Because the port-change endpoint has no anti-CSRF token or Origin/Referer checks, the victim's browser silently replays valid session cookies, moving the panel off its expected port and causing loss of access, denial of service, or unintended exposure on an attacker-chosen port. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the flaw is trivially craftable given the described missing defenses.

CSRF Denial Of Service 1panel
NVD GitHub
CVSS 4.0
7.0
EPSS
0.1%
CVE-2025-34410 HIGH This Week

Account lockout denial-of-service in 1Panel (versions 1.10.33 through 2.0.15) allows a remote attacker to forcibly change an authenticated victim's username via a cross-site request forgery flaw in the Change Username endpoint at /settings/panel. Because the endpoint lacks anti-CSRF tokens and Origin/Referer validation, a victim who visits a malicious page while logged in unknowingly submits a username change with valid session cookies, after which they are logged out and locked out of their account. No public exploit identified at time of analysis; disclosed via a VulnCheck advisory with no CISA KEV listing and no EPSS data supplied.

CSRF Denial Of Service 1panel
NVD GitHub
CVSS 4.0
7.0
EPSS
0.1%
CVE-2025-61821 MEDIUM This Month

Arbitrary file read in Adobe ColdFusion 2025.4, 2023.16, 2021.22 and earlier stems from an XML External Entity (XXE) flaw (CWE-611) that lets remote unauthenticated attackers retrieve sensitive files from the server. Adobe rates the issue 8.6 (CVSS 3.1) with a scope change, and no public exploit is identified at time of analysis, though the description notes exploitation depends on conditions beyond the attacker's control.

XXE Coldfusion
NVD VulDB
CVSS 3.1
6.8
EPSS
0.5%
CVE-2025-67499 MEDIUM PATCH This Month

The CNI portmap plugin versions 1.6.0 through 1.8.0 contain a traffic interception vulnerability when configured with the nftables backend, allowing containers to receive and intercept all traffic destined for their configured HostPort regardless of destination IP address. This affects Linux Foundation's CNI Network Plugins, and an attacker with local privileges and control over a container can intercept traffic intended for other containers or services on the same node. The vulnerability has a published patch available in version 1.9.0, an extremely low EPSS score of 0.02% indicates minimal real-world exploitation likelihood, and there is no indication of active exploitation in the wild.

Information Disclosure Cni Network Plugins Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-64898 MEDIUM This Month

Insufficiently Protected Credentials in Adobe ColdFusion (versions 2025.4, 2023.16, and 2021.22 and earlier) enables unauthenticated remote attackers to gain limited unauthorized write access by exploiting improperly stored or transmitted credentials. The CVSS vector confirms network-accessible, zero-complexity exploitation with no privileges or user interaction required, producing limited integrity impact. Tagged as an Authentication Bypass vector, this vulnerability is distinct from a simple credential disclosure - it permits write operations, making it a meaningful integrity risk despite the moderate CVSS score. No public exploit or CISA KEV listing has been identified at time of analysis.

Authentication Bypass Coldfusion
NVD VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-34430 MEDIUM This Month

Cross-site request forgery in 1Panel versions 1.10.33 through 2.0.15 allows a remote attacker to change an authenticated user's panel name by luring them to a malicious webpage. The panel name management endpoint omits both anti-CSRF tokens and Origin/Referer header validation, so the victim's browser automatically includes valid session cookies when the forged request fires. No public exploit code and no CISA KEV listing exist at time of analysis; real-world impact is limited to low-integrity panel configuration tampering.

CSRF 1panel
NVD GitHub
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-13125 MEDIUM This Month

DijiDemi, a platform by Im Park Information Technology, contains an authorization bypass vulnerability (CWE-639) that allows authenticated low-privileged users to access data belonging to other users by manipulating user-controlled identifier keys. Affecting all versions through 28.11.2025, the flaw enables horizontal privilege escalation - an attacker with a valid low-privilege account can exploit trusted identifiers to read confidential data outside their authorized scope. No public exploit code exists and no KEV listing is present; with an EPSS of 0.03% (10th percentile), active exploitation is not currently anticipated.

Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-13127 LOW Monitor

Cross-site scripting in GoldenHorn (a web-based trade management platform by TAC Information Services Internal and External Trade Inc.) allows a low-privileged authenticated attacker to inject malicious JavaScript into pages rendered by other users, resulting in limited confidentiality impact such as session token or data exfiltration. All versions prior to 4.25.1121.1 are affected. No active exploitation has been confirmed (not listed in CISA KEV), and the EPSS score of 0.02% (7th percentile) indicates very low exploitation probability at time of analysis.

XSS
NVD VulDB
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-14082 LOW PATCH Monitor

{realm}/roles endpoint, allowing high-privileged authenticated users to access role information they should not have permission to view. With a CVSS score of 2.7 and EPSS of 0.01%, this is a low-severity information disclosure affecting confidentiality only; no public exploit identified at time of analysis.

Information Disclosure
NVD
CVSS 3.1
2.7
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy