150 CVEs tracked today. 14 Critical, 56 High, 49 Medium, 7 Low.
-
CVE-2025-68865
CRITICAL
CVSS 9.3
Infility Global WordPress plugin (through 2.14.48) contains SQL injection with scope change, enabling unauthenticated database extraction beyond the plugin's own data. No patch available.
SQLi
-
CVE-2025-68456
CRITICAL
CVSS 9.1
Craft CMS (5.0.0-RC1 through 5.8.20, 3.x through 4.16.16) allows unauthenticated users to trigger database backup operations, leading to resource exhaustion or information disclosure if backups are stored in accessible locations. PoC available, patches available.
Information Disclosure
Craft Cms
-
CVE-2025-67397
CRITICAL
CVSS 9.1
Passy v1.6.3 password manager allows authenticated administrators to execute arbitrary OS commands via crafted HTTP requests. The scope change from application to OS makes this critical despite requiring high privileges.
Command Injection
RCE
Passy
-
CVE-2025-66376
HIGH
CVSS 7.2
Zimbra Collaboration Suite (ZCS) 10.x contains a stored XSS vulnerability in the Classic UI that allows attackers to execute arbitrary JavaScript through CSS @import directives in HTML emails. This KEV-listed vulnerability enables session hijacking and account takeover when administrators or users view malicious emails, making it a high-value target for email-based espionage campaigns.
XSS
Zimbra Collaboration Suite
-
CVE-2025-64420
CRITICAL
CVSS 9.9
Coolify through v4.0.0-beta.434 exposes the root user's SSH private key to low-privileged team members. Any user with basic access can extract the key, SSH to the server as root, and fully compromise the Coolify instance and all managed infrastructure. PoC available.
Ssh
Coolify
-
CVE-2025-64419
CRITICAL
CVSS 9.6
Coolify before 4.0.0-beta.445 allows command injection through docker-compose.yaml parameters. If a victim creates an application from an attacker-controlled repository using the Docker Compose build pack, the attacker achieves root code execution on the Coolify instance. PoC available, patch available.
Docker
Coolify
-
CVE-2025-59157
CRITICAL
CVSS 9.9
Coolify, a self-hosted server management platform, allows authenticated users to inject OS commands through the Git Repository field during project creation. A regular member can achieve root-level code execution on the Coolify host with scope change. PoC available.
Command Injection
Coolify
-
CVE-2025-39484
CRITICAL
CVSS 9.3
Waituk Entrada WordPress theme (through 5.7.7) contains blind SQL injection with scope change, allowing unauthenticated database extraction beyond the theme's own data.
SQLi
-
CVE-2025-31048
CRITICAL
CVSS 9.9
Themify Shopo WordPress theme (through 1.1.4) allows authenticated users to upload web shells. Although only low-level authentication is required, the scope change reflected in the CVSS 9.9 score means any subscriber account can achieve full server compromise.
WordPress
PHP
RCE
Remote Code Execution
-
CVE-2025-30633
CRITICAL
CVSS 9.3
Amazon Native Shopping Recommendations WordPress plugin (through 1.3) contains SQL injection that allows unauthenticated attackers to extract database contents with scope change. Abandoned plugin with no expected patch.
SQLi
-
CVE-2025-27807
CRITICAL
CVSS 9.1
Samsung Exynos processors (multiple models including 980, 990, 2100, 2200, 2400) and modems have an out-of-bounds write via malformed NAS (Non-Access Stratum) packets. This baseband vulnerability can be exploited over the cellular network without user interaction, potentially affecting millions of devices.
Samsung
Exynos 1080 Firmware
Modem 5300 Firmware
Exynos 2200 Firmware
Exynos 980 Firmware
-
CVE-2025-15029
CRITICAL
CVSS 9.8
Centreon Infra Monitoring's AWIE export module contains SQL injection accessible to unauthenticated users. Combined with CVE-2025-15026 (missing auth on import), the AWIE module has both unauthenticated data extraction and unauthorized configuration access. Patch available.
SQLi
Awie
-
CVE-2025-15026
CRITICAL
CVSS 9.8
Centreon Infra Monitoring's centreon-awie module lacks authentication on critical import functions, allowing unauthenticated attackers to access functionality that should be restricted by ACLs. Affects multiple Centreon versions. Patch available.
Authentication Bypass
Awie
-
CVE-2025-14346
CRITICAL
CVSS 9.8
WHILL Model C2 electric wheelchairs and Model F power chairs accept Bluetooth connections without authentication. An attacker within Bluetooth range can pair with the device and issue movement commands, override speed restrictions, and change configuration – creating a direct physical safety hazard for the user.
Authentication Bypass
-
CVE-2023-50897
CRITICAL
CVSS 9.1
Media File Renamer WordPress plugin (through 5.7.7) by Meow Apps allows administrators to upload files with dangerous types, achieving OS-level code execution with scope change. While admin access is required, the scope break makes this critical.
File Upload
-
CVE-2026-21633
HIGH
CVSS 8.8
UniFi Protect Camera versions 6.1.79 and earlier contain an authentication bypass in their discovery protocol that allows adjacent network attackers to gain unauthorized access without credentials. An attacker on the local network can exploit this vulnerability to compromise camera systems and obtain full control. No patch is currently available, though updating to version 6.2.72 or later is recommended as mitigation.
Authentication Bypass
Unifi Protect
-
CVE-2026-0621
HIGH
CVSS 7.5
Denial of service in Anthropic MCP TypeScript SDK up to version 1.25.1 stems from catastrophic backtracking in regex processing of RFC 6570 URI templates, allowing remote attackers to trigger excessive CPU consumption and crash Node.js processes without authentication. Public exploit code exists for this vulnerability. The lack of available patches leaves affected systems exposed until upgrades to patched versions are deployed.
Node.js
Denial Of Service
AI / ML
Mcp Typescript Sdk
-
CVE-2026-0606
HIGH
CVSS 7.3
SQL injection in code-projects Online Music Site 1.0 via the ID parameter in /FrontEnd/Albums.php allows unauthenticated remote attackers to manipulate database queries and potentially extract or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available, leaving all installations at risk.
PHP
SQLi
Online Music Site
-
CVE-2026-0605
HIGH
CVSS 7.3
SQL injection in the Online Music Site 1.0 login functionality allows unauthenticated remote attackers to manipulate username and password parameters, potentially leading to unauthorized data access, modification, or service disruption. Public exploit code exists for this vulnerability, and no patch is currently available, leaving deployed instances at immediate risk.
PHP
SQLi
Online Music Site
-
CVE-2026-0592
HIGH
CVSS 7.3
SQL injection in the Online Product Reservation System 1.0 user registration handler allows remote attackers to manipulate multiple input fields (name, address, contact details, email, username) without authentication to execute arbitrary database queries. Public exploit code exists for this vulnerability, increasing active exploitation risk. No patch is currently available for affected PHP-based installations.
PHP
SQLi
Online Product Reservation System
-
CVE-2026-0589
HIGH
CVSS 7.3
Online Product Reservation System versions up to 1.0 are affected by improper authentication (CVSS 7.3).
Authentication Bypass
Online Product Reservation System
-
CVE-2026-0585
HIGH
CVSS 7.3
SQL injection in the Online Product Reservation System 1.0 allows unauthenticated remote attackers to manipulate the transaction_id parameter in /order_view.php and execute arbitrary database queries. Public exploit code is available for this vulnerability, and no patch is currently available. The flaw enables attackers to read, modify, or delete sensitive data with network access only.
PHP
SQLi
Online Product Reservation System
-
CVE-2026-0583
HIGH
CVSS 7.3
SQL injection in the User Login component of Online Product Reservation System 1.0 allows unauthenticated remote attackers to manipulate the emailadd parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, enabling attackers to potentially extract sensitive data or modify database contents. No patch is currently available to address this issue.
PHP
SQLi
Online Product Reservation System
-
CVE-2025-69223
HIGH
CVSS 7.5
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. [CVSS 7.5 HIGH]
Python
Denial Of Service
Aiohttp
Redhat
Suse
-
CVE-2025-69087
HIGH
CVSS 8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes FreeAgent allows PHP Local File Inclusion. This issue affects FreeAgent: from n/a through 2.1.2. [CVSS 8.1 HIGH]
PHP
Lfi
-
CVE-2025-68953
HIGH
CVSS 7.5
Frappe is a full-stack web application framework. Versions 14.99.5 and below and 15.0.0 through 15.80.1 include requests that are vulnerable to path traversal attacks. [CVSS 7.5 HIGH]
Path Traversal
Frappe
-
CVE-2025-68850
HIGH
CVSS 7.5
Missing Authorization vulnerability in Codepeople Sell Downloads allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sell Downloads: from n/a through 1.1.12. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2025-68547
HIGH
CVSS 7.5
Missing Authorization vulnerability in WPweb Follow My Blog Post allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Follow My Blog Post: from n/a through 2.4.0. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2025-68455
HIGH
CVSS 7.2
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 are vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior. [CVSS 7.2 HIGH]
RCE
Craft Cms
-
CVE-2025-68454
HIGH
CVSS 8.8
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 are vulnerable to potential authenticated Remote Code Execution via Twig SSTI. [CVSS 8.8 HIGH]
RCE
Craft Cms
-
CVE-2025-68428
HIGH
CVSS 7.5
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. [CVSS 7.5 HIGH]
Node.js
Lfi
Path Traversal
Jspdf
Redhat
-
CVE-2025-68044
HIGH
CVSS 8.6
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.8. [CVSS 8.6 HIGH]
Authentication Bypass
-
CVE-2025-68033
HIGH
CVSS 7.5
Insertion of Sensitive Information Into Sent Data vulnerability in Brecht Custom Related Posts allows Retrieve Embedded Sensitive Data. This issue affects Custom Related Posts: from n/a through 1.8.0. [CVSS 7.5 HIGH]
Information Disclosure
-
CVE-2025-67419
HIGH
CVSS 7.5
Evershop contains a vulnerability that allows attackers to exhaust the application server's resources via the "GET /images" API (CVSS 7.5).
Denial Of Service
Evershop
-
CVE-2025-67303
HIGH
CVSS 7.5
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface. [CVSS 7.5 HIGH]
Information Disclosure
AI / ML
Comfyui Manager
-
CVE-2025-66648
HIGH
CVSS 7.2
vega-functions provides function implementations for the Vega expression language. Prior to version 6.1.1, on sites that allow users to supply untrusted input, malicious use of an internal function (not part of the public API) could be used to run unintended JavaScript (XSS). [CVSS 7.2 HIGH]
XSS
Vega Functions
Redhat
-
CVE-2025-66518
HIGH
CVSS 8.8
Any client who can access Apache Kyuubi Server via Kyuubi frontend protocols can bypass the server-side config kyuubi.session.local.dir.allow.list and use local files which are not listed in the config. This issue affects Apache Kyuubi: from 1.6.0 through 1.10.2. [CVSS 8.8 HIGH]
Apache
Kyuubi
-
CVE-2025-65110
HIGH
CVSS 8.1
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to versions 6.1.2 and 5.6.3, applications meeting two conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpreter is used. [CVSS 8.1 HIGH]
RCE
XSS
Vega
Redhat
-
CVE-2025-64425
HIGH
CVSS 8.1
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, an attacker can initiate a password reset for a victim, and modify the host header of the request to a malicious value. [CVSS 8.1 HIGH]
Information Disclosure
Coolify
-
CVE-2025-64424
HIGH
CVSS 8.8
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. [CVSS 8.8 HIGH]
Command Injection
Coolify
-
CVE-2025-64423
HIGH
CVSS 8.8
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user (member) can see and use invitation links sent to an administrator. [CVSS 8.8 HIGH]
Authentication Bypass
Coolify
-
CVE-2025-64421
HIGH
CVSS 8.0
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user (member) can invite a high privileged user. [CVSS 8.0 HIGH]
Authentication Bypass
Coolify
-
CVE-2025-61916
HIGH
CVSS 7.9
Spinnaker is an open source, multi-cloud continuous delivery platform. Versions prior to 2025.1.6, 2025.2.3, and 2025.3.0 are vulnerable to server-side request forgery. [CVSS 7.9 HIGH]
Docker
Kubernetes
Aws
Gitlab
Github
-
CVE-2025-61781
HIGH
CVSS 7.1
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. [CVSS 7.1 HIGH]
Authentication Bypass
Opencti
-
CVE-2025-59467
HIGH
CVSS 7.5
A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin (v1.2.0 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. This plugin is disabled by default. [CVSS 7.5 HIGH]
XSS
Privilege Escalation
Argentina Afip Invoices
-
CVE-2025-59158
HIGH
CVSS 8.0
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS) attack in the project creation workflow. [CVSS 8.0 HIGH]
XSS
Coolify
-
CVE-2025-59156
HIGH
CVSS 8.8
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. [CVSS 8.8 HIGH]
Docker
RCE
Coolify
-
CVE-2025-57836
HIGH
CVSS 7.8
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges. [CVSS 7.8 HIGH]
Samsung
Windows
Magician
-
CVE-2025-55204
HIGH
CVSS 8.8
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution (RCE) vulnerability in. [CVSS 8.8 HIGH]
RCE
Muffon
-
CVE-2025-53966
HIGH
CVSS 8.4
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message. [CVSS 8.4 HIGH]
Samsung
Buffer Overflow
Exynos 1380 Firmware
Exynos 1580 Firmware
Exynos 1480 Firmware
-
CVE-2025-52519
HIGH
CVSS 7.1
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service. [CVSS 7.1 HIGH]
Samsung
Denial Of Service
Information Disclosure
Exynos 1580 Firmware
Exynos 2500 Firmware
-
CVE-2025-49495
HIGH
CVSS 8.4
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow. [CVSS 8.4 HIGH]
Samsung
Buffer Overflow
Exynos 1580 Firmware
Exynos 1380 Firmware
Exynos 2400 Firmware
-
CVE-2025-46255
HIGH
CVSS 7.5
Missing Authorization vulnerability in Marketing Fire LLC LoginWP - Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects LoginWP - Pro: from n/a through 4.0.8.5. [CVSS 7.5 HIGH]
Authentication Bypass
-
CVE-2025-43706
HIGH
CVSS 7.5
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service. [CVSS 7.5 HIGH]
Samsung
Denial Of Service
Exynos 990 Firmware
Exynos 850 Firmware
Modem 5400 Firmware
-
CVE-2025-31047
HIGH
CVSS 8.8
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection. This issue affects Themify Edmin: from n/a through 2.0.0. [CVSS 8.8 HIGH]
Deserialization
-
CVE-2025-31044
HIGH
CVSS 8.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Premium SEO Pack allows SQL Injection. This issue affects Premium SEO Pack: from n/a through 3.3.2. [CVSS 8.5 HIGH]
SQLi
-
CVE-2025-15462
HIGH
CVSS 8.8
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigAdvideo. [CVSS 8.8 HIGH]
Buffer Overflow
520w Firmware
-
CVE-2025-15461
HIGH
CVSS 8.8
A flaw has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTaskEdit. [CVSS 8.8 HIGH]
Buffer Overflow
520w Firmware
-
CVE-2025-15460
HIGH
CVSS 8.8
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formPptpClientConfig. [CVSS 8.8 HIGH]
Buffer Overflow
520w Firmware
-
CVE-2025-15459
HIGH
CVSS 8.8
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formUser. [CVSS 8.8 HIGH]
Buffer Overflow
520w Firmware
-
CVE-2025-15458
HIGH
CVSS 7.3
A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. [CVSS 7.3 HIGH]
PHP
Minicms
-
CVE-2025-15457
HIGH
CVSS 7.3
A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. [CVSS 7.3 HIGH]
PHP
Minicms
-
CVE-2025-15456
HIGH
CVSS 7.3
A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. [CVSS 7.3 HIGH]
PHP
Minicms
-
CVE-2025-15240
HIGH
CVSS 8.8
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. [CVSS 8.8 HIGH]
File Upload
RCE
AI / ML
Qoca Aim
-
CVE-2025-14124
HIGH
CVSS 8.6
The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. [CVSS 8.6 HIGH]
WordPress
SQLi
PHP
-
CVE-2025-5965
HIGH
CVSS 7.2
In the backup parameters, a user with high privilege is able to concatenate custom instructions to the backup setup. [CVSS 7.2 HIGH]
Command Injection
Centreon Web
-
CVE-2024-53735
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Corourke iPhone Webclip Manager allows Stored XSS. This issue affects iPhone Webclip Manager: from n/a through 0.5. [CVSS 7.1 HIGH]
XSS
-
CVE-2024-30516
HIGH
CVSS 7.5
Improper Validation of Specified Quantity in Input vulnerability in SaasProject Booking Package allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Booking Package: from n/a through 1.6.27. [CVSS 7.5 HIGH]
Information Disclosure
-
CVE-2024-30461
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS. This issue affects Tumult Hype Animations: from n/a through 1.9.11. [CVSS 7.1 HIGH]
XSS
-
CVE-2023-49186
HIGH
CVSS 7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KlbTheme Machic Core allows DOM-Based XSS. This issue affects Machic Core: from n/a through 1.2.6. [CVSS 7.1 HIGH]
XSS
-
CVE-2026-21635
MEDIUM
CVSS 5.3
Unifi Connect EV Station Lite firmware v1.5.2 and earlier contains an access control weakness that permits nearby Wi-Fi attackers to activate the AutoLink feature on devices provisioned exclusively through Ethernet connections. This vulnerability could allow unauthorized wireless configuration of the charging station despite it being administratively restricted to wired network adoption. No patch is currently available for this medium-severity issue.
Authentication Bypass
Unifi Connect Ev Station Lite Firmware
-
CVE-2026-21634
MEDIUM
CVSS 6.5
UniFi Protect Application versions 6.1.79 and earlier suffer from a buffer overflow in the discovery protocol that allows adjacent network attackers to trigger denial of service by causing the application to restart. The vulnerability requires network proximity but no authentication or user interaction, making it exploitable by any attacker on the same network segment. Administrators should upgrade to version 6.2.72 or later to remediate this issue.
Buffer Overflow
Unifi Protect
-
CVE-2026-0597
MEDIUM
CVSS 6.3
SQL injection in Campcodes Supplier Management System 1.0 allows authenticated remote attackers to manipulate the txtRetailerAddress parameter in /retailer/edit_profile.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations running PHP-based installations should implement input validation controls and restrict access to the vulnerable endpoint until patching becomes available.
PHP
SQLi
Supplier Management System
-
CVE-2026-0591
MEDIUM
CVSS 6.3
SQL injection in the cart update handler of Online Product Reservation System 1.0 allows authenticated attackers to manipulate product ID and quantity parameters, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, and no patch is currently available, affecting systems running the vulnerable PHP application.
PHP
SQLi
Online Product Reservation System
-
CVE-2026-0590
MEDIUM
CVSS 6.3
SQL injection in the Online Product Reservation System 1.0 checkout delete function allows authenticated attackers to manipulate POST parameters and execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected systems at risk of data theft or manipulation.
PHP
SQLi
Online Product Reservation System
-
CVE-2026-0586
MEDIUM
CVSS 4.3
Online Product Reservation System versions up to 1.0 are affected by cross-site scripting (XSS) (CVSS 4.3).
PHP
XSS
Online Product Reservation System
-
CVE-2026-0584
MEDIUM
CVSS 6.3
SQL injection in the Online Product Reservation System 1.0 via the ID parameter in app/products/left_cart.php allows authenticated attackers to read, modify, or delete database contents remotely. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available for affected PHP installations running this software.
PHP
SQLi
Online Product Reservation System
-
CVE-2026-0582
MEDIUM
CVSS 6.3
SQL injection in itsourcecode Society Management System 1.0 allows authenticated attackers to manipulate the Title parameter in /admin/edit_activity_query.php, enabling remote data exfiltration, modification, or deletion. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected systems at risk.
PHP
SQLi
Society Management System
-
CVE-2026-0581
MEDIUM
CVSS 6.3
Ac1206 Firmware versions up to 15.03.06.23 contain a vulnerability that allows attackers to perform command injection (CVSS 6.3).
Command Injection
Ac1206 Firmware
-
CVE-2025-69226
MEDIUM
CVSS 5.3
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. [CVSS 5.3 MEDIUM]
Python
Path Traversal
Aiohttp
Redhat
Suse
-
CVE-2025-69224
MEDIUM
CVSS 6.5
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. [CVSS 6.5 MEDIUM]
Python
Aiohttp
Redhat
Suse
-
CVE-2025-68437
MEDIUM
CVSS 6.8
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, the Craft CMS GraphQL `save_<VolumeName>_Asset` mutation is vulnerable to Server-Side Request Forgery (SSRF). [CVSS 6.8 MEDIUM]
SSRF
Craft Cms
-
CVE-2025-68436
MEDIUM
CVSS 6.5
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, authenticated users on a Craft installation could potentially expose sensitive assets via their user profile photo via maliciously crafted requests. [CVSS 6.5 MEDIUM]
Information Disclosure
Craft Cms
-
CVE-2025-68280
MEDIUM
CVSS 6.5
Improper Restriction of XML External Entity Reference vulnerability in Apache SIS.
It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the following SIS services:
* Reading of GeoTIFF files having the GEO_METADATA tag defined by the Defense Geospatial Information Working Group (DGIWG).
* Parsing of ISO 19115 metadata in XML for...
Apache
Java
XXE
Spatial Information System
-
CVE-2025-68029
MEDIUM
CVSS 6.3
Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Wallet System for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects Wallet System for WooCommerce: from n/a through 2.7.2. [CVSS 6.3 MEDIUM]
WordPress
PHP
-
CVE-2025-68014
MEDIUM
CVSS 6.5
Insertion of Sensitive Information Into Sent Data vulnerability in Awethemes AweBooking allows Retrieve Embedded Sensitive Data. This issue affects AweBooking: from n/a through 3.2.26. [CVSS 6.5 MEDIUM]
Information Disclosure
-
CVE-2025-67732
MEDIUM
CVSS 6.5
Dify is an open-source LLM app development platform. Prior to version 1.11.0, the API key is exposed in plaintext to the frontend, allowing non-administrator users to view and reuse it. [CVSS 6.5 MEDIUM]
Authentication Bypass
Information Disclosure
AI / ML
Dify
-
CVE-2025-67427
MEDIUM
CVSS 6.5
A Blind Server-Side Request Forgery (SSRF) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to force the server to initiate an HTTP request via the "GET /images" API. [CVSS 6.5 MEDIUM]
SSRF
Evershop
-
CVE-2025-67316
MEDIUM
CVSS 5.4
An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code via a crafted webpage in the built-in HeyTap/ColorOS browser. [CVSS 5.4 MEDIUM]
RCE
XSS
-
CVE-2025-67315
MEDIUM
CVSS 5.4
Employee Leave Management System versions up to 2.1 are affected by cross-site request forgery (CSRF) (CVSS 5.4).
PHP
Employee Leave Management System
-
CVE-2025-65922
MEDIUM
CVSS 4.3
PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to phishing attacks. [CVSS 4.3 MEDIUM]
XSS
-
CVE-2025-65328
MEDIUM
CVSS 6.5
Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF) header as the client IP without validating a trusted proxy chain. [CVSS 6.5 MEDIUM]
Authentication Bypass
Mega Fence
-
CVE-2025-64422
MEDIUM
CVSS 4.3
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify starting with version 4.0.0-beta.434, the /login endpoint advertises a rate limit of 5 requests but can be trivially bypassed by rotating the X-Forwarded-For header. [CVSS 4.3 MEDIUM]
Denial Of Service
Coolify
-
CVE-2025-59955
MEDIUM
CVSS 5.7
Coolify versions up to 4.0.0 contain a vulnerability that allows a malicious actor to perform an unauthorized email address change on behalf of t (CVSS 5.7).
Information Disclosure
Coolify
-
CVE-2025-53344
MEDIUM
CVSS 4.3
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress Thim Core allows Cross Site Request Forgery. This issue affects Thim Core: from n/a through 2.3.3. [CVSS 4.3 MEDIUM]
CSRF
-
CVE-2025-52517
MEDIUM
CVSS 5.9
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in a double free, leading to a denial of service. [CVSS 5.9 MEDIUM]
Samsung
Denial Of Service
Race Condition
Exynos 1330 Firmware
Exynos 1480 Firmware
-
CVE-2025-52516
MEDIUM
CVSS 6.2
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service. [CVSS 6.2 MEDIUM]
Samsung
Linux
Denial Of Service
Exynos 1330 Firmware
Exynos 1480 Firmware
-
CVE-2025-52515
MEDIUM
CVSS 5.1
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in an out-of-bounds access, leading to a denial of service. [CVSS 5.1 MEDIUM]
Samsung
Denial Of Service
Race Condition
Exynos 2400 Firmware
Exynos 2500 Firmware
-
CVE-2025-39561
MEDIUM
CVSS 6.5
Missing Authorization vulnerability in Marketing Fire, LLC LoginWP - Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects LoginWP - Pro: from n/a through 4.0.8.5. [CVSS 6.5 MEDIUM]
Authentication Bypass
-
CVE-2025-39497
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dokan Dokan Pro allows Stored XSS. This issue affects Dokan Pro: from n/a through 3.14.5. [CVSS 6.5 MEDIUM]
XSS
-
CVE-2025-31046
MEDIUM
CVSS 4.3
Missing Authorization vulnerability in WPvibes AnyWhere Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AnyWhere Elementor Pro: from n/a through 2.29. [CVSS 4.3 MEDIUM]
Authentication Bypass
-
CVE-2025-15455
MEDIUM
CVSS 6.5
A flaw has been found in bg5sbk MiniCMS up to 1.8. Impacted is the function delete_page of the file /minicms/mc-admin/page.php of the component File Recovery Request Handler. [CVSS 6.5 MEDIUM]
PHP
Minicms
-
CVE-2025-15453
MEDIUM
CVSS 6.3
A security vulnerability has been detected in milvu versions up to 2.6.7, which are affected by improper input validation. [CVSS 6.3 MEDIUM]
Golang
Deserialization
AI / ML
-
CVE-2025-15450
MEDIUM
CVSS 6.3
A vulnerability was identified in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. Affected by this vulnerability is the function findOrderHosNum of the file /ssm_pro/orderHos/. Such manipulation of the argument hospitalAddress/hospitalName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. This product does not u...
SQLi
-
CVE-2025-15449
MEDIUM
CVSS 5.4
A vulnerability was determined in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. Affected is the function delete of the file src/main/java/com/macro/mall/controller/MinioController.java. [CVSS 5.4 MEDIUM]
Java
Path Traversal
Javamall
-
CVE-2025-15448
MEDIUM
CVSS 6.3
A vulnerability was found in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. This impacts the function Upload of the file src/main/java/com/macro/mall/controller/MinioController.java. [CVSS 6.3 MEDIUM]
Java
Javamall
-
CVE-2025-15239
MEDIUM
CVSS 6.5
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. [CVSS 6.5 MEDIUM]
SQLi
AI / ML
Qoca Aim
-
CVE-2025-15238
MEDIUM
CVSS 6.5
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. [CVSS 6.5 MEDIUM]
SQLi
AI / ML
Qoca Aim
-
CVE-2025-15237
MEDIUM
CVSS 4.3
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability. [CVSS 4.3 MEDIUM]
Path Traversal
AI / ML
Qoca Aim
-
CVE-2025-15236
MEDIUM
CVSS 4.3
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability. [CVSS 4.3 MEDIUM]
Path Traversal
AI / ML
Qoca Aim
-
CVE-2025-15235
MEDIUM
CVSS 6.5
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Missing Authorization vulnerability, allowing authenticated remote attackers to modify specific network packet parameters, enabling certain system functions to access other users' files. [CVSS 6.5 MEDIUM]
Authentication Bypass
AI / ML
Qoca Aim
-
CVE-2025-13056
MEDIUM
CVSS 6.8
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Administration ACL menu configuration modules) allows Stored XSS to users with high privileges. [CVSS 6.8 MEDIUM]
XSS
Centreon Web
-
CVE-2025-12519
MEDIUM
CVSS 5.3
Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement configurations. [CVSS 5.3 MEDIUM]
Information Disclosure
Centreon Web
-
CVE-2025-12513
MEDIUM
CVSS 6.8
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Hosts configuration form modules) allows Stored XSS to users with high privileges. [CVSS 6.8 MEDIUM]
XSS
Centreon Web
-
CVE-2025-12511
MEDIUM
CVSS 6.8
Dynamic Service Management versions up to 25.10.1 are affected by cross-site scripting (XSS). [CVSS 6.8 MEDIUM]
XSS
Dynamic Service Management
-
CVE-2025-5591
MEDIUM
CVSS 5.4
Kentico Xperience 13 is vulnerable to a stored cross-site scripting attack via a form component, allowing an attacker to hijack a victim user’s session and perform actions in their security context. [CVSS 5.4 MEDIUM]
XSS
Xperience
-
CVE-2024-23511
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.3.3. [CVSS 6.5 MEDIUM]
XSS
-
CVE-2023-52212
MEDIUM
CVSS 5.4
Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job Manager allows Cross Site Request Forgery. This issue affects WP Job Manager: from n/a through 2.0.0. [CVSS 5.4 MEDIUM]
CSRF
-
CVE-2023-51513
MEDIUM
CVSS 6.5
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS. This issue affects Geo Controller: from n/a through 8.5.2. [CVSS 6.5 MEDIUM]
XSS
-
CVE-2026-0625
None
Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality.
D-Link
Dns
Authentication Bypass
-
CVE-2026-0588
LOW
CVSS 3.5
A weakness has been identified in Xinhu Rainrock RockOA up to 2.7.1. Affected by this vulnerability is an unknown functionality of the file rockfun.php of the component API. [CVSS 3.5 LOW]
PHP
XSS
-
CVE-2026-0587
LOW
CVSS 3.5
A security flaw has been discovered in Xinhu Rainrock RockOA up to 2.7.1. Affected is an unknown function of the file rock_page_gong.php of the component Cover Image Handler. [CVSS 3.5 LOW]
PHP
XSS
-
CVE-2026-0580
LOW
CVSS 3.5
A vulnerability was found in SourceCodester API Key Manager App 1.0. Affected by this vulnerability is an unknown functionality of the component Import Key Handler. [CVSS 3.5 LOW]
XSS
-
CVE-2025-69291
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. This identifier has been rejected and does not describe a vulnerability, so no vendor patch applies.
Information Disclosure
-
CVE-2025-69290
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. This identifier has been rejected and does not describe a vulnerability, so no vendor patch applies.
Information Disclosure
-
CVE-2025-68766
None
In the Linux kernel, the following vulnerability has been resolved:
irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then
it results in an out of bounds access.
Linux
Linux Kernel
-
CVE-2025-68765
None
In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated.
Linux
Linux Kernel
-
CVE-2025-68764
None
In the Linux kernel, the following vulnerability has been resolved:
NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags
When a filesystem is being automounted, it needs to preserve the
user-set superblock mount options, such as the "ro" flag.
Linux
Linux Kernel
-
CVE-2025-68763
None
In the Linux kernel, the following vulnerability has been resolved:
crypto: starfive - Correctly handle return of sg_nents_for_len
The return value of sg_nents_for_len was assigned to an unsigned long
in starfive_hash_digest, causing negative error codes to be converted
to large positive integers.
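The sign-loss pattern this entry describes, as an added example that is not the kernel's code: a stand-in for sg_nents_for_len() returns a negative errno when the scatterlist is too short for the requested length; storing that return value in an unsigned long turns -EINVAL into a huge entry count that no `< 0` check can catch. The `sg_nents_for_len_stub` function and the two sample lists are constructed for this example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Stand-in for the kernel's sg_nents_for_len() (constructed for this
 * example): returns how many scatterlist entries are needed to cover
 * `len` bytes, or -EINVAL when the list cannot cover the length. */
static int sg_nents_for_len_stub(const size_t *sg_lens, size_t nsg, size_t len)
{
    size_t covered = 0;

    for (size_t i = 0; i < nsg; i++) {
        covered += sg_lens[i];
        if (covered >= len)
            return (int)(i + 1);
    }
    return -EINVAL;
}

/* Buggy pattern: the signed return value is stored in an unsigned long.
 * -EINVAL (-22) becomes ULONG_MAX - 21; an `if (nents < 0)` test on this
 * variable is dead code, so the caller goes on to map "that many" entries. */
static unsigned long nents_buggy(const size_t *sg_lens, size_t nsg, size_t len)
{
    unsigned long nents = sg_nents_for_len_stub(sg_lens, nsg, len);

    /* A `nents < 0` check here can never fire: that is the bug. */
    return nents;
}

/* Fixed pattern: keep the value in a signed int until the error check has
 * run, and only then convert. Returns 0 when the error was caught. */
static unsigned long nents_fixed(const size_t *sg_lens, size_t nsg, size_t len)
{
    int nents = sg_nents_for_len_stub(sg_lens, nsg, len);

    if (nents < 0)
        return 0;
    return (unsigned long)nents;
}

/* Constructed sample lists: two 16-byte entries cannot cover a 64-byte
 * request; two 32-byte entries cover a 48-byte request using both entries. */
static const size_t short_list[] = { 16, 16 };
static const size_t ok_list[]    = { 32, 32 };

int main(void)
{
    printf("short list, buggy: %lu entries would be mapped\n",
           nents_buggy(short_list, 2, 64));
    printf("short list, fixed: %lu (0 = error caught)\n",
           nents_fixed(short_list, 2, 64));
    printf("ok list: buggy %lu, fixed %lu\n",
           nents_buggy(ok_list, 2, 48), nents_fixed(ok_list, 2, 48));
    return 0;
}
```

The same mistake hides anywhere a function returning `int` (negative errno on failure) feeds a `size_t`, `unsigned long` or `u32` without an intermediate signed check; compilers warn about the dead comparison only when it is written against the unsigned variable, not when the check is simply missing.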
Linux
Buffer Overflow
Linux Kernel
-
CVE-2025-68762
None
In the Linux kernel, the following vulnerability has been resolved:
net: netpoll: initialize work queue before error checks
Prevent a kernel warning when netconsole setup fails on devices with
IFF_DISABLE_NETPOLL flag.
Linux
Linux Kernel
-
CVE-2025-68761
None
In the Linux kernel, the following vulnerability has been resolved:
hfs: fix potential use after free in hfs_correct_next_unused_CNID()
This code calls hfs_bnode_put(node) which drops the refcount and then
dereferences "node" on the next line.
Linux
Use After Free
Linux Kernel
-
CVE-2025-68760
None
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show
In iommu_mmio_write(), it validates the user-provided offset with the
check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4-byte access.
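The width assumption in this entry, as an added example that is not the kernel's code: a bound written for a 4-byte access lets a wider read run past the end of the window, and `mmio_end - 4` itself wraps when the window is smaller than 4 bytes. The function names and the 0x1000-byte window are constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Buggy check: rejects only offsets that would overrun a 4-byte access.
 * An 8-byte read at offset mmio_end - 4 passes and touches 4 bytes past
 * the end of the window. When mmio_end < 4 the subtraction wraps to a
 * huge value and every offset is accepted. */
static bool mmio_offset_ok_buggy(uint64_t offset, uint64_t width, uint64_t mmio_end)
{
    (void)width;                       /* the requested width never enters the check */
    return !(offset > mmio_end - 4);
}

/* Fixed check: validate against the width actually requested, and do it
 * without computing offset + width (which could wrap) or mmio_end - width
 * with width > mmio_end (which would underflow). */
static bool mmio_offset_ok_fixed(uint64_t offset, uint64_t width, uint64_t mmio_end)
{
    if (width == 0 || width > mmio_end)
        return false;
    return offset <= mmio_end - width;
}

int main(void)
{
    const uint64_t end = 0x1000;       /* constructed window size */
    const struct { uint64_t off, width; } cases[] = {
        { 0xFFC, 4 },                  /* last valid 4-byte word */
        { 0xFFC, 8 },                  /* buggy check lets this read past the end */
        { 0xFF8, 8 },                  /* last valid 8-byte word */
        { UINT64_MAX, 8 },             /* far out of range */
    };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("offset 0x%llx width %llu: buggy=%d fixed=%d\n",
               (unsigned long long)cases[i].off, (unsigned long long)cases[i].width,
               mmio_offset_ok_buggy(cases[i].off, cases[i].width, end),
               mmio_offset_ok_fixed(cases[i].off, cases[i].width, end));
    return 0;
}
```

The rule generalises to any user-controlled offset into a fixed region: the bound must be derived from the size of the access that will actually be performed, and the comparison must be arranged so that neither side can wrap.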
Linux
Linux Kernel
-
CVE-2025-68759
None
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()
In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA
allocations in a loop.
Linux
Linux Kernel
-
CVE-2025-68758
None
In the Linux kernel, the following vulnerability has been resolved:
backlight: led-bl: Add devlink to supplier LEDs
LED Backlight is a consumer of one or multiple LED class devices, but
devlink is currently unable to create correct supplier-producer links when
the supplier is a class device.
Linux
Null Pointer Dereference
Linux Kernel
-
CVE-2025-68757
None
In the Linux kernel, the following vulnerability has been resolved:
drm/vgem-fence: Fix potential deadlock on release
A timer that expires a vgem fence automatically in 10 seconds is now
released with timer_delete_sync() from fence->ops.release() called on last
dma_fence_put().
Linux
Linux Kernel
-
CVE-2025-68756
None
In the Linux kernel, the following vulnerability has been resolved:
block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock
blk_mq_{add,del}_queue_tag_set() functions add and remove queues from a
tagset; the functions make sure that tagset and queues are marked as
shared when two or more queues are attached to the same tagset.
Linux
Linux Kernel
-
CVE-2025-68755
None
In the Linux kernel, the following vulnerability has been resolved:
staging: most: remove broken i2c driver
The MOST I2C driver has been completely broken for five years without
anyone noticing so remove the driver from staging.
Linux
Null Pointer Dereference
Linux Kernel
-
CVE-2025-68754
None
In the Linux kernel, the following vulnerability has been resolved:
rtc: amlogic-a4: fix double free caused by devm
The clock obtained via devm_clk_get_enabled() is automatically managed
by devres and will be disabled and freed on driver detach.
Linux
Linux Kernel
-
CVE-2025-68753
None
In the Linux kernel, the following vulnerability has been resolved:
ALSA: firewire-motu: add bounds check in put_user loop for DSP events
In the DSP event handling code, a put_user() loop copies event data.
Linux
Linux Kernel
-
CVE-2025-68752
None
In the Linux kernel, the following vulnerability has been resolved:
iavf: Implement settime64 with -EOPNOTSUPP
ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference.
Linux
Linux Kernel
-
CVE-2025-68751
None
In the Linux kernel, the following vulnerability has been resolved:
s390/fpu: Fix false-positive kmsan report in fpu_vstl()
A false-positive kmsan report is detected when running the ping command.
Linux
Linux Kernel
-
CVE-2025-15454
LOW
CVSS 3.1
A vulnerability was detected in zhanglun lettura up to 0.1.22. This issue affects some unknown processing of the file src/components/ArticleView/ContentRender.tsx of the component RSS Handler. The manipulation results in cross site scripting. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit is now publ...
XSS
-
CVE-2025-15452
LOW
CVSS 2.4
A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList of the file /admin/system/variableList.do of the component Backend Variable Search. [CVSS 2.4 LOW]
XSS
-
CVE-2025-15451
LOW
CVSS 2.4
A security flaw has been discovered in xnx3 wangmarket up to 4.9. Affected by this issue is some unknown functionality of the file /admin/system/variableSave.do of the component System Variables Page. [CVSS 2.4 LOW]
XSS
-
CVE-2025-15447
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. This identifier has been rejected and does not describe a vulnerability, so no vendor patch applies.
Information Disclosure
-
CVE-2025-15022
None
Action captions in Vaadin accept HTML by default but were not sanitized, potentially allowing Cross-site Scripting (XSS) if caption content is derived from user input. In Vaadin Framework 7 and 8, the Action class is a general-purpose class that may be used by multiple components.
XSS
-
CVE-2025-10933
None
An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol Controller can lead to out of bounds memory reads.
Integer Overflow
-
CVE-2025-9543
LOW
CVSS 3.5
The FlexTable WordPress plugin, versions up to 3.19.2, contains a vulnerability that allows high-privilege users such as admin to perform a Stored Cross-Site Scripting attack. [CVSS 3.5 LOW]
WordPress
XSS
PHP
-
CVE-2024-56825
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. This identifier has been rejected and does not describe a vulnerability, so no vendor patch applies.
Information Disclosure
-
CVE-2024-56809
None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. This identifier has been rejected and does not describe a vulnerability, so no vendor patch applies.
Information Disclosure