CWE-830

Inclusion of Web Functionality from an Untrusted Source

6 CVEs Avg CVSS 6.5 MITRE
0
CRITICAL
1
HIGH
5
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2025-65109 HIGH PATCH This Month

Minder is an open source software supply chain security platform. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-46652 MEDIUM This Month

In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-43703 MEDIUM PATCH This Month

An issue was discovered in Ankitects Anki through 25.02. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Anki
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-33028 MEDIUM This Month

In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-33027 MEDIUM This Month

In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Bandizip
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-33026 MEDIUM This Month

In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Peazip Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-65109
EPSS 0% CVSS 8.5
HIGH PATCH This Month

Minder is an open source software supply chain security platform. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVE-2025-46652
EPSS 0% CVSS 6.1
MEDIUM This Month

In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVE-2025-43703
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

An issue was discovered in Ankitects Anki through 25.02. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Anki
NVD GitHub
CVE-2025-33028
EPSS 0% CVSS 6.1
MEDIUM This Month

In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE
NVD GitHub
CVE-2025-33027
EPSS 0% CVSS 6.1
MEDIUM This Month

In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Bandizip
NVD GitHub
CVE-2025-33026
EPSS 0% CVSS 6.1
MEDIUM This Month

In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Peazip Suse
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy