Skip to main content
CVE-2025-43529 HIGH KEV PATCH THREAT Act Now

WebKit arbitrary code execution via use-after-free memory corruption affects Safari 26.2, iOS/iPadOS 18.7.3 through 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, and watchOS 26.2, allowing remote attackers to execute arbitrary code by convincing users to visit malicious websites. This vulnerability is confirmed actively exploited (CISA KEV) in extremely sophisticated targeted attacks against specific individuals on iOS versions prior to iOS 26, per Apple's security bulletin. EPSS score of 0.12% (32nd percentile) significantly understates real-world risk given confirmed exploitation. Related vulnerability CVE-2025-14174 was issued for the same exploitation campaign, suggesting a complex attack chain targeting Apple ecosystem users.

Apple Use After Free RCE Memory Corruption Red Hat +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-53908 HIGH POC This Week

HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation
NVD Exploit-DB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2025-43428 CRITICAL Act Now

Unauthenticated access to Hidden Photos Album in Apple iOS, iPadOS, macOS, and visionOS allows remote attackers to view protected photos without authentication due to a configuration flaw. Fixed in iOS/iPadOS 26.2, macOS Tahoe 26.2, and visionOS 26.2. CVSS 9.8 (Critical) reflects network-based unauthenticated access, though EPSS of 0.13% (32nd percentile) suggests low observed exploitation probability. No public exploit identified at time of analysis, and not listed in CISA KEV. This represents a privacy-critical authentication bypass affecting Apple's Photos app across all major platforms.

Apple iOS Authentication Bypass Information Disclosure Ipados +2
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-43526 CRITICAL Act Now

Apple Safari and macOS Lockdown Mode can be bypassed to access restricted Web APIs through maliciously crafted file URLs due to insufficient URL validation. Affects Safari 26.2 and macOS Tahoe 26.2 on systems with Lockdown Mode enabled. Remote attackers can potentially execute high-impact attacks leveraging APIs meant to be restricted in high-security configurations. EPSS score of 0.06% (18th percentile) indicates low observed exploitation probability. No public exploit identified at time of analysis. This represents a serious compromise of Apple's enhanced security feature designed to protect high-risk users from targeted attacks.

Apple Safari macOS Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-14832 MEDIUM POC This Month

A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

PHP SQLi Online Cake Ordering System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-68429 HIGH PATCH This Week

Information disclosure in Storybook for Node.js versions 7.0.0 through 10.1.9 exposes environment variables from `.env` files when using `storybook build` command. Unpatched projects building Storybook in directories containing `.env` files risk bundling sensitive credentials into publicly viewable artifacts. Unauthenticated attackers accessing published Storybook bundles can extract secrets from source code. Runtime dev mode, CI builds using platform environment variables, and co-located applications remain unaffected. No public exploit identified at time of analysis.

Information Disclosure Storybook Red Hat
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-14101 HIGH This Week

Authorization bypass in GG Soft PaperWork versions 5.2.0.9427 through 6.0 allows authenticated remote attackers to access or modify resources belonging to other users by manipulating user-controlled identifiers (IDOR). The flaw was reported through Turkey's USOM/TR-CERT, and no public exploit identified at time of analysis. With an EPSS score of 0.04% (12th percentile), opportunistic mass exploitation appears unlikely, though targeted abuse within deployed environments remains realistic.

Authentication Bypass
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-68143 MEDIUM PATCH This Month

Unvalidated path handling in mcp-server-git versions before 2025.9.25 allows remote attackers to create Git repositories in arbitrary filesystem locations accessible to the server process via the git_init tool, potentially enabling subsequent malicious git operations on unintended directories. The git_init tool was completely removed in the patched version since the server is designed to operate only on existing repositories. No active exploitation has been confirmed, but the vulnerability carries a moderate CVSS score of 6.5 with network accessibility and high scope impact.

Path Traversal Model Context Protocol Servers
NVD GitHub
CVSS 4.0
6.5
EPSS
0.2%
CVE-2025-68145 MEDIUM PATCH This Month

Path traversal in mcp-server-git prior to version 2025.12.17 allows unauthenticated remote attackers to access repositories outside the configured repository restriction via unvalidated repo_path arguments in tool calls. When the server is started with the --repository flag to isolate operations to a specific path, the application failed to verify that subsequent tool call arguments remained within that allowed directory, enabling access to other repositories on the same system. An attacker with network access and user interaction (UI:P) can exploit this to read or modify git repositories beyond the intended scope.

Path Traversal Model Context Protocol Servers
NVD GitHub
CVSS 4.0
6.4
EPSS
0.1%
CVE-2025-14347 MEDIUM This Month

Reflected XSS in Proliz Software Ltd. OBS (Student Affairs Information System) versions before 26.5009 allows authenticated low-privileged attackers to inject and execute malicious scripts in a victim user's browser session. The attack requires the victim to interact with a crafted URL, but upon success the confidentiality impact is rated High - meaningful in an academic context where sensitive student records and PII may be accessible. No public exploit code or CISA KEV listing exists; EPSS at 0.03% (8th percentile) indicates very low automated exploitation probability, suggesting risk is primarily confined to targeted attacks against specific Turkish educational institutions using this platform.

XSS
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-68144 MEDIUM PATCH This Month

Arbitrary file overwrite in mcp-server-git prior to version 2025.12.17 allows unauthenticated remote attackers with user interaction to overwrite files via unsanitized command-line arguments passed to git CLI functions. The vulnerability affects git_diff and git_checkout operations where flag-like values (e.g., --output=/path/to/file) are interpreted as git options rather than validated references, enabling attackers to redirect output to arbitrary filesystem locations. CVSS 6.3 reflects high integrity impact with low availability impact; EPSS signal and active exploitation status not independently confirmed at analysis time.

Information Disclosure Model Context Protocol Servers
NVD GitHub
CVSS 4.0
6.3
EPSS
0.1%
CVE-2025-14834 LOW POC Monitor

SQL injection in Simple Stock System 1.0 via the Username parameter in /checkuser.php allows authenticated remote attackers to manipulate database queries with low impact to confidentiality, integrity, and availability. The CVSS 4.0 vector (PR:L) indicates login is required, but an EPSS score of 0.05% and very low CVSS base of 2.1 suggest minimal real-world exploitation risk despite public exploit availability.

PHP SQLi Simple Stock System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-14801 LOW POC Monitor

Reflected cross-site scripting (XSS) in xiweicheng Teamwork Management System up to version 2.28.0 allows high-privilege users to inject malicious scripts via the content parameter in the /admin/blog/comment/create endpoint. The vulnerability requires admin authentication and user interaction (UI:P), limiting real-world risk despite network accessibility. Publicly available exploit code exists, though EPSS scoring (0.06%, 18th percentile) and CVSS 1.9 indicate low actual exploitation probability due to high privilege requirements.

XSS Teamwork Management System
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.1%
CVE-2025-43533 MEDIUM This Month

Memory corruption vulnerability in Apple's HID (Human Interface Device) input handling subsystem affecting iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. A malicious HID device can trigger unexpected process crashes through improved input validation failures, resulting in denial of service. The vulnerability has a CVSS score of 5.7 (medium severity) with adjacent network attack vector and requires user interaction; no evidence of active exploitation or public POC is indicated in available intelligence.

Apple Buffer Overflow
NVD VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2025-14833 MEDIUM This Month

A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipulation of the argument clinic results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.

PHP SQLi Online Appointment Booking System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-46283 MEDIUM This Month

A logic validation flaw in macOS Sonoma and Tahoe allows local authenticated apps to access sensitive user data through improved validation mechanisms that were previously insufficient. The vulnerability affects macOS Sonoma versions prior to 14.8.4 and macOS Tahoe prior to 26.2, requiring local access and valid user privileges (PR:L) to exploit. With an EPSS score of 0.02% and no public exploit code identified, the real-world exploitation probability remains minimal despite the CVSS 5.5 rating, though the high confidentiality impact (C:H) warrants timely patching for systems handling sensitive information.

Apple macOS Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-46292 MEDIUM This Month

Local authenticated applications on iOS and iPadOS can access user-sensitive data due to insufficient entitlement checks, affecting iOS 18.7.2 and earlier and iPadOS 18.7.2 and earlier (as well as iOS 26.1 and iPadOS 26.1 and earlier). An attacker with app installation capability can exploit this vulnerability to bypass privacy controls and exfiltrate protected user information. No public exploit identified at time of analysis, though the 5.5 CVSS score and information disclosure classification indicate moderate real-world risk in targeted attack scenarios.

Apple iOS Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-46282 MEDIUM This Month

Safari and macOS allow local authenticated applications to access sensitive user data through improper permission enforcement. The vulnerability affects Safari versions prior to 26.2 and macOS versions prior to Tahoe 26.2, exploitable by apps running with user-level privileges that can bypass authorization checks to read protected user information. Apple has released patched versions with additional permission validation; EPSS data indicates minimal real-world exploitation likelihood despite the authenticated local attack vector.

Apple Safari macOS Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-46288 MEDIUM This Month

Local privilege escalation in Apple operating systems (iOS, iPadOS, macOS Tahoe, visionOS, watchOS) allows authenticated applications to bypass payment token access restrictions and obtain sensitive payment credentials. The vulnerability affects all versions prior to the 26.2 release across affected platforms. CVSS 5.5 with low real-world exploitation risk (EPSS 0.01%), no public exploit identified, not listed in CISA KEV.

Apple iOS Information Disclosure Privilege Escalation Ipados +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43536 MEDIUM PATCH This Month

Use-after-free memory corruption in Apple's WebKit rendering engine allows remote attackers to crash Safari and iOS/iPadOS applications by processing maliciously crafted web content, requiring only user interaction (page visit) and no authentication. The vulnerability affects Safari 26.2, iOS 18.7.3 and iOS 26.2, iPadOS 18.7.3 and iPadOS 26.2, and macOS Tahoe 26.2 and earlier versions. With an EPSS score of 0.06% and no public exploit confirmed, this represents a low real-world exploitation priority despite the moderate CVSS 4.3 severity rating, with impact limited to denial of service through process termination.

Apple Safari iOS macOS Use After Free +5
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-11369 MEDIUM This Month

Gutenberg Essential Blocks plugin for WordPress up to version 5.7.2 allows authenticated authors and above to access sensitive API keys for Instagram, Google Maps, and other external services due to missing capability checks on several callback functions. The vulnerability requires WordPress Author-level or higher privileges and carries a low real-world risk given the constrained attack surface and low EPSS score of 0.04%, though it does expose plaintext credentials to a wider internal threat model than intended.

WordPress Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-46279 LOW Monitor

Installed app enumeration via permissions bypass in Apple operating systems allows a locally authenticated app to discover what other applications a user has installed through insufficient access controls. Affects iOS 18.7.2 and earlier, iPadOS 18.7.2 and earlier, macOS Tahoe 26.1 and earlier, tvOS 26.1 and earlier, visionOS 26.1 and earlier, and watchOS 26.1 and earlier. The vulnerability has a low CVSS score (3.3) with extremely low exploitation probability (EPSS 0.02%) and no public exploit identified at time of analysis.

Apple iOS Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-46277 LOW Monitor

Local apps on Apple devices can access a user's Safari browsing history due to insufficient data redaction in system logging, affecting iOS, iPadOS, macOS Tahoe, and watchOS prior to version 26.2. An attacker with local app execution privileges can extract sensitive Safari history from system logs without user interaction. This vulnerability carries a 3.3 CVSS score with minimal real-world exploitation probability (EPSS 0.01%) and no known public exploits.

Apple iOS macOS Information Disclosure Ipados +2
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-43531 LOW Monitor

Safari and Apple operating systems contain a race condition that crashes the rendering process when processing maliciously crafted web content, affecting Safari 26.2 and earlier, iOS 18.7.3 and earlier, iPadOS 18.7.3 and earlier, macOS Tahoe 26.2 and earlier, tvOS 26.2 and earlier, visionOS 26.2 and earlier, and watchOS 26.2 and earlier. The vulnerability requires user interaction (clicking a malicious link or visiting a hostile website) and has high attack complexity, resulting in denial of service through process crash rather than data compromise. No public exploit code has been identified, EPSS exploitation probability is very low at 0.12%, and Apple has released patched versions across all affected platforms.

Apple Safari iOS macOS Race Condition +6
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-14836 LOW Monitor

ZZCMS 2025 stores sensitive user data in cleartext within the User Data Storage Module at /reg/user_save.php, allowing remote attackers with high-level privileges to retrieve unencrypted credentials or personal information from disk. The vulnerability has a published exploit available, though the extremely low EPSS score (0.02%) and requirement for authenticated high-privilege access suggest minimal real-world exploitation risk despite public proof-of-concept availability.

PHP Information Disclosure Zzcms
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy