CWE-707

Improper Neutralization

4 CVEs Avg CVSS 5.0 MITRE
0
CRITICAL
1
HIGH
1
MEDIUM
2
LOW
1
POC
1
KEV

Monthly

CVE-2025-66545 LOW PATCH Monitor

A security vulnerability in a group or team. (CVSS 3.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Nextcloud
NVD GitHub
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-27712 LOW Monitor

Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation
NVD
CVSS 4.0
2.4
EPSS
0.0%
CVE-2025-24921 MEDIUM This Month

Improper neutralization for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable information disclosure. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Intel
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-26633 HIGH POC KEV THREAT Act Now

A security feature bypass in Microsoft Management Console (MMC) allows attackers to evade security warnings and execute malicious code locally. KEV-listed and tracked as CVE-2025-26633, this vulnerability has been actively exploited by the Water Gamayun threat group (also tracked as EncryptHub) using crafted .msc files to deploy info-stealing malware. Public PoC is available and EPSS is 7.1%.

Authentication Bypass Microsoft
NVD Exploit-DB VulDB
CVSS 3.1
7.0
EPSS
7.1%
Threat
4.6
CVE-2025-66545
EPSS 0% CVSS 3.5
LOW PATCH Monitor

A security vulnerability in a group or team. (CVSS 3.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Nextcloud
NVD GitHub
CVE-2025-27712
EPSS 0% CVSS 2.4
LOW Monitor

Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation
NVD
CVE-2025-24921
EPSS 0% CVSS 6.9
MEDIUM This Month

Improper neutralization for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable information disclosure. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Intel
NVD
CVE-2025-26633
EPSS 7% 4.6 CVSS 7.0
HIGH POC KEV THREAT Act Now

A security feature bypass in Microsoft Management Console (MMC) allows attackers to evade security warnings and execute malicious code locally. KEV-listed and tracked as CVE-2025-26633, this vulnerability has been actively exploited by the Water Gamayun threat group (also tracked as EncryptHub) using crafted .msc files to deploy info-stealing malware. Public PoC is available and EPSS is 7.1%.

Authentication Bypass Microsoft
NVD Exploit-DB VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy