Skip to main content
CVE-2025-52694 CRITICAL POC THREAT Emergency

Critical SQL injection vulnerability in an internet-exposed service enabling unauthenticated extraction and manipulation of the entire database. CVSS 10.0 with scope change, EPSS 12.9% indicating high exploitation activity.

SQLi Iotsuite Starter Linux Docker Iot Edge Windows Iotsuite Growth Linux Docker Iotsuite Saas Composer +1
NVD
CVSS 3.1
10.0
EPSS
12.9%
CVE-2025-29329 CRITICAL POC Act Now

Sagemcom F@st 3686 cable modem/router has a buffer overflow in the IPP printing service that allows unauthenticated remote code execution via crafted HTTP requests. PoC available.

Buffer Overflow F St 3686 Firmware RCE
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2025-66802 CRITICAL POC Act Now

Sourcecodester Covid-19 Contact Tracing System 1.0 allows unauthenticated RCE through unrestricted PHP file upload in the user image functionality. PoC available.

RCE Covid 19 Contact Tracing System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2026-22785 CRITICAL POC PATCH Act Now

orval (TypeScript API client generator) before 7.18.0 has code injection via OpenAPI specification summary fields in MCP server generation. Malicious API specs can inject arbitrary code into generated TypeScript. PoC available, patch available.

Command Injection RCE Orval
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-22794 CRITICAL POC PATCH Act Now

Appsmith before 1.93 allows attackers to control the Origin header value used as the base URL in password reset and email verification links. Attackers can redirect authentication tokens to their domain, enabling account takeover. PoC available, patch available.

CSRF Appsmith
NVD GitHub
CVSS 3.1
9.6
EPSS
0.0%
CVE-2025-67146 CRITICAL POC Act Now

GYM-MANAGEMENT-SYSTEM 1.0 has multiple SQL injection vulnerabilities in search and payment endpoints (member_search, trainer_search, gym_search, payment_search). PoC available.

PHP SQLi Authentication Bypass Gym Management System
NVD GitHub
CVSS 3.1
9.4
EPSS
0.1%
CVE-2025-51567 CRITICAL POC Act Now

Kashipara Online Exam System V1.0 has SQL injection in profile.php through five POST parameters (rname, rcollage, rnumber, rgender, rpassword). PoC available.

PHP SQLi Online Exam System
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-22252 CRITICAL POC PATCH Act Now

LibreChat before v0.8.2-rc2 allows any authenticated user to execute shell commands as root inside the container through the MCP stdio transport. A single API request is sufficient for root code execution. PoC available, patch available.

Authentication Bypass AI / ML Librechat
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-63314 CRITICAL Act Now

Acora CMS v10.7.1 uses a static, predictable password reset token. Attackers can replay this token to reset any user's password and take over their account, including admin accounts. Maximum CVSS 10.0 with scope change.

Cm3 Acora Cms Information Disclosure
NVD GitHub
CVSS 3.1
10.0
EPSS
0.1%
CVE-2025-46066 CRITICAL Act Now

Automai Director v25.2.0 allows authenticated users to escalate to full administrative privileges with scope change (CVSS 9.9). Low-privileged users can take complete control of the automation platform.

Privilege Escalation Director
NVD GitHub
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-22781 CRITICAL PATCH Act Now

TinyWeb HTTP Server before 1.98 has OS command injection via CGI ISINDEX query parameters. The query string is passed as command-line arguments to CGI executables through Windows CreateProcess(), allowing unauthenticated RCE. Patch available.

Windows Command Injection Tinyweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-46070 CRITICAL Act Now

Automai BotManager v25.2.0 allows unauthenticated remote code execution via the BotManager.exe component due to improper certificate validation. Attackers can execute arbitrary code on systems running the bot management agent.

Authentication Bypass RCE Botmanager
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-69269 CRITICAL Act Now

Broadcom DX NetOps Spectrum (23.3.6 and earlier) has unauthenticated OS command injection on both Windows and Linux platforms. As a network management system, compromise gives attackers visibility and control over the entire monitored infrastructure.

Broadcom Linux Windows Command Injection Dx Netops Spectrum
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-65552 CRITICAL Act Now

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on its 433 MHz sensor channel. No rolling codes, authentication, or anti-replay protection – attackers can record and replay alarm/control frames to trigger false alarms or disable sensors.

Information Disclosure Zx G12 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-67147 CRITICAL Act Now

Gym Management System PHP 1.0 has multiple SQL injection vulnerabilities across three files (submit_contact.php, secure_login.php, change_s_pwd.php) through seven parameters. Authentication bypass and data extraction possible.

PHP SQLi Authentication Bypass
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69270 CRITICAL Act Now

Broadcom DX NetOps Spectrum (24.3.8 and earlier) exposes session tokens in URL query strings, enabling session hijacking through browser history, referer headers, or proxy logs.

Broadcom Linux Windows Information Disclosure Dx Netops Spectrum
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-12420 CRITICAL Act Now

ServiceNow AI Platform has a user impersonation vulnerability allowing unauthenticated attackers to impersonate any user and perform their authorized actions. ServiceNow has deployed patches to hosted instances and self-hosted updates are available.

Privilege Escalation AI / ML Virtual Agent Api Now Assist Ai Agents
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-22783 CRITICAL PATCH Act Now

DFIR-IRIS incident response platform before 2.4.24 allows authenticated users to delete arbitrary filesystem paths through mass assignment of the file_local_name field combined with path trust in the delete operation. Scope change with high integrity/availability impact. Patch available.

Information Disclosure Iris
NVD GitHub
CVSS 3.1
9.6
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy