Skip to main content
CVE-2025-66376 HIGH KEV THREAT Act Now

Zimbra Collaboration Suite (ZCS) 10.x contains a stored XSS vulnerability in the Classic UI that allows attackers to execute arbitrary JavaScript through CSS @import directives in HTML emails. KEV-listed, this vulnerability (CVE-2025-66376) enables session hijacking and account takeover when administrators or users view malicious emails, making it a high-value target for email-based espionage campaigns.

XSS Zimbra Collaboration Suite
NVD VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-59157 CRITICAL POC Act Now

Coolify, a self-hosted server management platform, allows authenticated users to inject OS commands through the Git Repository field during project creation. A regular member can achieve root-level code execution on the Coolify host with scope change. PoC available.

Command Injection Coolify
NVD GitHub
CVSS 3.1
9.9
EPSS
0.3%
CVE-2025-64420 CRITICAL POC Act Now

Coolify through v4.0.0-beta.434 exposes the root user's SSH private key to low-privileged team members. Any user with basic access can extract the key, SSH to the server as root, and fully compromise the Coolify instance and all managed infrastructure. PoC available.

SSH Coolify
NVD GitHub
CVSS 3.1
9.9
EPSS
0.1%
CVE-2025-64419 CRITICAL POC PATCH Act Now

Coolify before 4.0.0-beta.445 allows command injection through docker-compose.yaml parameters. If a victim creates an application from an attacker-controlled repository using the Docker Compose build pack, the attacker achieves root code execution on the Coolify instance. PoC available, patch available.

Docker Coolify
NVD GitHub
CVSS 3.1
9.6
EPSS
0.1%
CVE-2025-68456 CRITICAL POC PATCH Act Now

Craft CMS (5.0.0-RC1 through 5.8.20, 3.x through 4.16.16) allows unauthenticated users to trigger database backup operations, leading to resource exhaustion or information disclosure if backups are stored in accessible locations. PoC available, patches available.

Information Disclosure Craft Cms
NVD GitHub
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-64424 HIGH POC This Week

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. [CVSS 8.8 HIGH]

Command Injection Coolify
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-68454 HIGH POC PATCH This Week

Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 are vulnerable to potential authenticated Remote Code Execution via Twig SSTI. [CVSS 8.8 HIGH]

RCE Craft Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-59156 HIGH POC This Week

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE)*vulnerability exists in Coolify's application deployment workflow. [CVSS 8.8 HIGH]

Docker RCE Coolify
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-55204 HIGH POC This Week

muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution (RCE) vulnerability in. [CVSS 8.8 HIGH]

RCE Muffon
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-64423 HIGH POC This Week

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user (member) can see and use invitation links sent to an administrator. [CVSS 8.8 HIGH]

Authentication Bypass Coolify
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-15462 HIGH POC This Week

A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigAdvideo. [CVSS 8.8 HIGH]

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-15461 HIGH POC This Week

A flaw has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTaskEdit. [CVSS 8.8 HIGH]

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-15459 HIGH POC This Week

A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formUser. [CVSS 8.8 HIGH]

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-15460 HIGH POC This Week

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formPptpClientConfig. [CVSS 8.8 HIGH]

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-0621 HIGH POC PATCH This Week

Denial of service in Anthropic's Model Context Protocol (MCP) TypeScript SDK versions up to and including 1.25.1 allows remote attackers to hang the Node.js event loop by submitting a crafted URI to the UriTemplate matcher. The dynamically built regex for RFC 6570 exploded array patterns contains nested quantifiers that trigger catastrophic backtracking, pinning CPU and rendering the process unresponsive. Publicly available exploit code exists, though EPSS is very low (0.02%) and it is not listed in CISA KEV, so real-world exploitation currently appears theoretical rather than widespread.

Node.js Denial Of Service Mcp Typescript Sdk
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2025-14124 HIGH POC This Week

The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. [CVSS 8.6 HIGH]

WordPress SQLi PHP
NVD WPScan
CVSS 3.1
8.6
EPSS
0.0%
CVE-2025-65110 HIGH POC PATCH This Week

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to versions 6.1.2 and 5.6.3, applications meeting two conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpreter is used. [CVSS 8.1 HIGH]

RCE XSS Vega Red Hat
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-64425 HIGH POC This Week

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, an attacker can initiate a password reset for a victim, and modify the host header of the request to a malicious value. [CVSS 8.1 HIGH]

Information Disclosure Coolify
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-59158 HIGH POC This Week

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS) attack in the project creation workflow. [CVSS 8.0 HIGH]

XSS Coolify
NVD GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-64421 HIGH POC This Week

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user (member) can invite a high privileged user. [CVSS 8.0 HIGH]

Authentication Bypass Coolify
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-67303 HIGH POC PATCH GHSA This Week

An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface [CVSS 7.5 HIGH]

Information Disclosure AI / ML Comfyui Manager
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-68455 HIGH POC PATCH This Week

Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 are vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior. [CVSS 7.2 HIGH]

RCE Craft Cms
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2025-66648 HIGH POC PATCH This Week

vega-functions provides function implementations for the Vega expression language. Prior to version 6.1.1, for sites that allow users to supply untrusted user input, malicious use of an internal function (not part of the public API) could be used to run unintentional javascript (XSS). [CVSS 7.2 HIGH]

XSS Vega Functions Red Hat
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-68437 MEDIUM POC PATCH This Month

Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, the Craft CMS GraphQL `save_<VolumeName>_Asset` mutation is vulnerable to Server-Side Request Forgery (SSRF). [CVSS 6.8 MEDIUM]

SSRF Craft Cms
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-65328 MEDIUM POC This Month

Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF) header as the client IP without validating a trusted proxy chain. [CVSS 6.5 MEDIUM]

Authentication Bypass Mega Fence
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-67732 MEDIUM POC This Month

Dify is an open-source LLM app development platform. Prior to version 1.11.0, the API key is exposed in plaintext to the frontend, allowing non-administrator users to view and reuse it. [CVSS 6.5 MEDIUM]

Authentication Bypass Information Disclosure AI / ML Dify
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15448 MEDIUM POC This Month

A vulnerability was found in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. This impacts the function Upload of the file src/main/java/com/macro/mall/controller/MinioController.java. [CVSS 6.3 MEDIUM]

Java Javamall
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-31048 CRITICAL Act Now

Themify Shopo WordPress theme (through 1.1.4) allows authenticated users to upload web shells. Despite requiring low-level authentication, the scope change to CVSS 9.9 means any subscriber account can achieve full server compromise.

File Upload
NVD
CVSS 3.1
9.9
EPSS
0.0%
CVE-2025-14346 CRITICAL Act Now

WHILL Model C2 electric wheelchairs and Model F power chairs accept Bluetooth connections without authentication. An attacker within Bluetooth range can pair with the device and issue movement commands, override speed restrictions, and change configuration – creating a direct physical safety hazard for the user.

Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-15029 CRITICAL PATCH Act Now

Centreon Infra Monitoring's AWIE export module contains SQL injection accessible to unauthenticated users. Combined with CVE-2025-15026 (missing auth on import), the AWIE module has both unauthenticated data extraction and unauthorized configuration access. Patch available.

SQLi Awie
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-15026 CRITICAL PATCH Act Now

Centreon Infra Monitoring's centreon-awie module lacks authentication on critical import functions, allowing unauthenticated attackers to access functionality that should be restricted by ACLs. Affects multiple Centreon versions. Patch available.

Authentication Bypass Awie
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-59955 MEDIUM POC This Month

Coolify versions up to 4.0.0 contains a vulnerability that allows attackers to a malicious actor to perform an unauthorized email address change on behalf of t (CVSS 5.7).

Information Disclosure Coolify
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2025-15458 MEDIUM POC This Month

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. [CVSS 7.3 HIGH]

PHP Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.5%
CVE-2025-15457 MEDIUM POC This Month

A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. [CVSS 7.3 HIGH]

PHP Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.5%
CVE-2026-0589 MEDIUM POC This Month

Online Product Reservation System versions up to 1.0 is affected by improper authentication (CVSS 7.3).

Authentication Bypass Online Product Reservation System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.3%
CVE-2025-15456 MEDIUM POC This Month

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. [CVSS 7.3 HIGH]

PHP Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.2%
CVE-2025-15455 MEDIUM POC This Month

A flaw has been found in bg5sbk MiniCMS up to 1.8. Impacted is the function delete_page of the file /minicms/mc-admin/page.php of the component File Recovery Request Handler. [CVSS 6.5 MEDIUM]

PHP Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-0606 MEDIUM POC This Month

SQL injection in code-projects Online Music Site 1.0 via the ID parameter in /FrontEnd/Albums.php allows unauthenticated remote attackers to manipulate database queries and potentially extract or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available, leaving all installations at risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-0605 MEDIUM POC This Month

SQL injection in the Online Music Site 1.0 login functionality allows unauthenticated remote attackers to manipulate username and password parameters, potentially leading to unauthorized data access, modification, or service disruption. Public exploit code exists for this vulnerability, and no patch is currently available, leaving deployed instances at immediate risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-0592 MEDIUM POC This Month

SQL injection in the Online Product Reservation System 1.0 user registration handler allows remote attackers to manipulate multiple input fields (name, address, contact details, email, username) without authentication to execute arbitrary database queries. Public exploit code exists for this vulnerability, increasing active exploitation risk. No patch is currently available for affected PHP-based installations.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-0585 MEDIUM POC This Month

SQL injection in the Online Product Reservation System 1.0 allows unauthenticated remote attackers to manipulate the transaction_id parameter in /order_view.php and execute arbitrary database queries. Public exploit code is available for this vulnerability, and no patch is currently available. The flaw enables attackers to read, modify, or delete sensitive data with network access only.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-0583 MEDIUM POC This Month

SQL injection in the User Login component of Online Product Reservation System 1.0 allows unauthenticated remote attackers to manipulate the emailadd parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, enabling attackers to potentially extract sensitive data or modify database contents. No patch is currently available to address this issue.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-0625 CRITICAL Act Now

Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality.

D-Link Authentication Bypass
NVD VulDB
CVSS 4.0
9.3
EPSS
0.7%
CVE-2025-15449 MEDIUM POC This Month

A vulnerability was determined in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. Affected is the function delete of the file src/main/java/com/macro/mall/controller/MinioController.java. [CVSS 5.4 MEDIUM]

Java Path Traversal Javamall
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-67316 MEDIUM POC This Month

An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code via a crafted webpage in the built-in HeyTap/ColorOS browser [CVSS 5.4 MEDIUM]

RCE XSS Internet Browser
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-67315 MEDIUM POC This Month

Employee Leave Management System versions up to 2.1 is affected by cross-site request forgery (csrf) (CVSS 5.4).

PHP Employee Leave Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-39484 CRITICAL Act Now

Waituk Entrada WordPress theme (through 5.7.7) contains blind SQL injection with scope change, allowing unauthenticated database extraction beyond the theme's own data.

SQLi
NVD
CVSS 3.1
9.3
EPSS
0.0%
CVE-2025-68865 CRITICAL Act Now

Infility Global WordPress plugin (through 2.14.48) contains SQL injection with scope change, enabling unauthenticated database extraction beyond the plugin's own data. No patch available.

SQLi
NVD
CVSS 3.1
9.3
EPSS
0.0%
CVE-2025-30633 CRITICAL Act Now

Amazon Native Shopping Recommendations WordPress plugin (through 1.3) contains SQL injection that allows unauthenticated attackers to extract database contents with scope change. Abandoned plugin with no expected patch.

SQLi
NVD
CVSS 3.1
9.3
EPSS
0.0%
CVE-2025-68428 CRITICAL PATCH Act Now

Local file inclusion and path traversal in the Node.js builds of jsPDF (dist/jspdf.node.js and dist/jspdf.node.min.js) prior to version 4.0.0 lets an attacker who controls the path argument passed to loadFile, addImage, html, or addFont read arbitrary files from the host filesystem, with the file contents embedded verbatim into the generated PDF. Applications that forward unsanitized user input into these methods leak secrets such as /etc/passwd, configuration files, or private keys to anyone who can request a PDF. No public exploit identified at time of analysis; EPSS risk is very low (0.02%, 6th percentile) and the issue is not in CISA KEV.

Node.js Path Traversal Jspdf
NVD GitHub
CVSS 4.0
9.2
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy