CVE-2025-66738
(8.8 HIGH)

EPSS: 0.04%

updated 2025-12-27T16:15:52.240000

1 posts

An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component.

CVE-2025-54322
(10.0 CRITICAL)

EPSS: 0.00%

updated 2025-12-27T14:15:49.547000

1 posts

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.

1 repos

https://github.com/Sachinart/CVE-2025-54322

CVE-2025-68952
(0 None)

EPSS: 0.33%

updated 2025-12-27T01:15:42.853000

1 posts

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution (RCE) vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction (1-click). This issue has been patched in version 0.0.61.

CVE-2025-68668
(9.9 CRITICAL)

EPSS: 0.08%

updated 2025-12-27T01:08:46

2 posts

### Impact A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process. ### Patches In n8n version 1.111.0, a task-runner-based native Python implementation was introduced

CVE-2025-25341
(7.5 HIGH)

EPSS: 0.02%

updated 2025-12-26T19:47:35

1 posts

A vulnerability exists in the libxmljs 1.0.11 when parsing a specially crafted XML document. Accessing the internal _ref property on entity_ref and entity_decl nodes causes a segmentation fault, potentially leading to a denial-of-service (DoS).

CVE-2025-67015
(7.5 HIGH)

EPSS: 0.03%

updated 2025-12-26T18:30:32

3 posts

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/admin_access_1.

CVE-2025-57403
(7.5 HIGH)

EPSS: 0.36%

updated 2025-12-26T18:30:27

3 posts

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL (or a portion of it) directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to the potential exposure of sensitive information.

CVE-2025-67014
(7.5 HIGH)

EPSS: 0.06%

updated 2025-12-26T18:30:27

1 posts

Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 allows unauthenticated attackers to access an administrative endpoint.

CVE-2025-13158
(0 None)

EPSS: 0.19%

updated 2025-12-26T16:15:43.263000

3 posts

Prototype pollution vulnerability in apidoc-core versions 0.2.0 and all subsequent versions allows remote attackers to modify JavaScript object prototypes via malformed data structures, including the “define” property processed by the application, potentially leading to denial of service or unintended behavior in applications relying on the integrity of prototype chains. This affects the preProces

CVE-2025-64645
(7.7 HIGH)

EPSS: 0.01%

updated 2025-12-26T15:30:28

1 posts

IBM Concert 1.0.0 through 2.1.0 could allow a local user to escalate their privileges due to a race condition of a symbolic link.

CVE-2025-12771
(7.8 HIGH)

EPSS: 0.01%

updated 2025-12-26T15:30:23

3 posts

IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.

CVE-2025-13915
(9.8 CRITICAL)

EPSS: 0.31%

updated 2025-12-26T14:15:58.193000

4 posts

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application.

CVE-2025-67450
(7.8 HIGH)

EPSS: 0.01%

updated 2025-12-26T07:15:45.850000

2 posts

Due to insecure library loading in the Eaton UPS Companion software executable, an attacker with access to the software package could perform arbitrary code execution . This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

CVE-2025-59887
(8.6 HIGH)

EPSS: 0.02%

updated 2025-12-26T07:15:45.047000

2 posts

Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the software package. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center.

CVE-2025-62578(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-12-26T06:30:38

1 posts

DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information

CVE-2025-68945
(5.8 MEDIUM)

EPSS: 0.03%

updated 2025-12-26T04:15:41.507000

2 posts

In Gitea before 1.21.2, an anonymous user can visit a private user's project.

CVE-2025-68937(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-12-26T03:31:17

2 posts

Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later.

CVE-2025-15092
(8.8 HIGH)

EPSS: 0.04%

updated 2025-12-26T03:30:21

3 posts

A vulnerability was identified in UTT 进取 512W up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/ConfigExceptMSN. Such manipulation of the argument remark leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

CVE-2025-68939
(8.2 HIGH)

EPSS: 0.04%

updated 2025-12-26T03:15:50.653000

1 posts

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.

CVE-2025-15090
(8.8 HIGH)

EPSS: 0.04%

updated 2025-12-26T00:30:18

3 posts

A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This vulnerability affects the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.

CVE-2025-15091
(8.8 HIGH)

EPSS: 0.04%

updated 2025-12-26T00:30:18

3 posts

A vulnerability was determined in UTT 进取 512W up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/formPictureUrl. This manipulation of the argument importpictureurl causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2025-15089
(8.8 HIGH)

EPSS: 0.04%

updated 2025-12-26T00:30:18

1 posts

A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function strcpy of the file /goform/APSecurity. The manipulation of the argument wepkey1 leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-15082
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-25T18:30:21

2 posts

A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/proc_post of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure b

CVE-2025-15081
(6.3 MEDIUM)

EPSS: 0.84%

updated 2025-12-25T15:30:20

2 posts

A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub_4780 of the file /jdcapi. Such manipulation of the argument ddns_name leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-66377
(7.5 HIGH)

EPSS: 0.03%

updated 2025-12-25T06:30:37

1 posts

Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other nodes within the installation.

CVE-2025-15076
(7.3 HIGH)

EPSS: 0.06%

updated 2025-12-25T04:15:43.287000

2 posts

A weakness has been identified in Tenda CH22 1.0.0.1. Impacted is an unknown function of the file /public/. Executing manipulation can lead to path traversal. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.

CVE-2025-14879
(9.8 CRITICAL)

EPSS: 0.15%

updated 2025-12-24T15:19:01.640000

2 posts

A weakness has been identified in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/onSSIDChange of the component HTTP Request Handler. This manipulation of the argument ssid_index causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.

CVE-2025-68664
(9.3 CRITICAL)

EPSS: 0.05%

updated 2025-12-24T15:16:02.507000

25 posts

LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data

1 repos

https://github.com/Ak-cybe/CVE-2025-68664-LangGrinch-PoC

CVE-2025-64468
(7.8 HIGH)

EPSS: 0.02%

updated 2025-12-24T15:11:39.433000

1 posts

There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions

CVE-2025-64465
(7.8 HIGH)

EPSS: 0.02%

updated 2025-12-24T15:11:06.627000

1 posts

There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-14900
(4.7 MEDIUM)

EPSS: 0.03%

updated 2025-12-24T15:01:29.060000

1 posts

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

CVE-2025-15047
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-12-24T00:30:27

1 posts

A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unknown function of the file /goform/PPTPDClient of the component HTTP Request Handler. Performing manipulation of the argument Username results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.

CVE-2025-15048
(7.3 HIGH)

EPSS: 1.93%

updated 2025-12-23T23:15:44.167000

1 posts

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2025-15046
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-12-23T22:15:51.677000

1 posts

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-14922
(7.8 HIGH)

EPSS: 0.21%

updated 2025-12-23T21:30:41

1 posts

Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Diffusers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin

CVE-2025-14926
(7.8 HIGH)

EPSS: 0.07%

updated 2025-12-23T21:30:41

1 posts

Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must convert a malicious checkpoint. The specific flaw exists within the convert_config function. T

CVE-2025-14931
(10.0 CRITICAL)

EPSS: 1.40%

updated 2025-12-23T21:30:41

1 posts

Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face smolagents. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of pickle data. The issue results from the lack of p

CVE-2025-14927
(7.8 HIGH)

EPSS: 0.07%

updated 2025-12-23T21:30:41

1 posts

Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must convert a malicious checkpoint. The specific flaw exists within the convert_config function.

CVE-2025-14930
(7.8 HIGH)

EPSS: 0.21%

updated 2025-12-23T21:30:41

1 posts

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pars

CVE-2025-15045
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-12-23T21:30:41

1 posts

A flaw has been found in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/Natlimit of the component HTTP Request Handler. This manipulation of the argument page causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used.

CVE-2025-15044
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-12-23T21:30:41

1 posts

A vulnerability was detected in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used.

CVE-2025-14928
(7.8 HIGH)

EPSS: 0.07%

updated 2025-12-23T21:30:40

1 posts

Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must convert a malicious checkpoint. The specific flaw exists within the convert_config function

CVE-2025-14925
(7.8 HIGH)

EPSS: 0.21%

updated 2025-12-23T21:30:40

1 posts

Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Accelerate. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ch

1 repos

https://github.com/byteReaper77/CVE-2025-5964-

CVE-2025-14921
(7.8 HIGH)

EPSS: 0.21%

updated 2025-12-23T21:30:40

1 posts

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists

CVE-2025-29228
(9.8 CRITICAL)

EPSS: 0.27%

updated 2025-12-23T21:30:28

1 posts

Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.

CVE-2025-14929
(7.8 HIGH)

EPSS: 0.21%

updated 2025-12-23T21:15:48.240000

1 posts

Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla

CVE-2025-14924
(7.8 HIGH)

EPSS: 0.21%

updated 2025-12-23T21:15:47.600000

1 posts

Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within

CVE-2025-14920
(7.8 HIGH)

EPSS: 0.21%

updated 2025-12-23T21:15:47.183000

1 posts

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with

CVE-2025-33223
(9.8 CRITICAL)

EPSS: 0.06%

updated 2025-12-23T18:30:35

1 posts

NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.

CVE-2025-33224
(9.8 CRITICAL)

EPSS: 0.06%

updated 2025-12-23T18:30:35

1 posts

NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with unnecessary privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, information disclosure and data tampering.

CVE-2025-33222
(9.8 CRITICAL)

EPSS: 0.06%

updated 2025-12-23T18:30:35

1 posts

NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering.

CVE-2025-45493
(6.5 MEDIUM)

EPSS: 3.38%

updated 2025-12-23T18:30:35

1 posts

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the action_bandwidth function.

CVE-2025-68381
(6.5 MEDIUM)

EPSS: 0.05%

updated 2025-12-23T17:42:32.230000

1 posts

Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow (CAPEC-100) and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number.

CVE-2025-66522
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-23T17:33:47.433000

1 posts

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result, embedded HTML or JavaScript may execute whenever the Digital IDs dialog is accessed or when the affec

CVE-2025-50526
(9.8 CRITICAL)

EPSS: 0.29%

updated 2025-12-23T17:15:48.060000

1 posts

Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function.

CVE-2025-68475
(7.5 HIGH)

EPSS: 0.08%

updated 2025-12-23T16:01:13

1 posts

Hi Fedify team! 👋 Thank you for your work on Fedify—it's a fantastic library for building federated applications. While reviewing the codebase, I discovered a Regular Expression Denial of Service (ReDoS) vulnerability that I'd like to report. I hope this helps improve the project's security. --- ## Summary A Regular Expression Denial of Service (ReDoS) vulnerability exists in Fedify's document

CVE-2025-68615
(9.8 CRITICAL)

EPSS: 0.02%

updated 2025-12-23T14:51:52.650000

2 posts

net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2.

CVE-2025-68613
(9.9 CRITICAL)

EPSS: 3.55%

updated 2025-12-23T14:51:52.650000

3 posts

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently

Nuclei template

23 repos

https://github.com/LingerANR/n8n-CVE-2025-68613

https://github.com/TheStingR/CVE-2025-68613-POC

https://github.com/Ashwesker/Blackash-CVE-2025-68613

https://github.com/AbdulRKB/n8n-RCE

https://github.com/Dlanang/homelab-CVE-2025-68613

https://github.com/hackersatyamrastogi/n8n-exploit-CVE-2025-68613-n8n-God-Mode-Ultimate

https://github.com/releaseown/analysis-and-poc-n8n-CVE-2025-68613

https://github.com/secjoker/CVE-2025-68613

https://github.com/manyaigdtuw/CVE-2025-68613_Scanner

https://github.com/JohannesLks/CVE-2025-68613-Python-Exploit

https://github.com/Khin-96/n8n-cve-2025-68613-thm

https://github.com/rxerium/CVE-2025-68613

https://github.com/intbjw/CVE-2025-68613-poc-via-copilot

https://github.com/GnuTLam/POC-CVE-2025-68613

https://github.com/intelligent-ears/CVE-2025-68613

https://github.com/ali-py3/Exploit-CVE-2025-68613

https://github.com/wioui/n8n-CVE-2025-68613-exploit

https://github.com/mbanyamer/n8n-Authenticated-Expression-Injection-RCE-CVE-2025-68613

https://github.com/Ak-cybe/CVE-2025-68613-n8n-rce-analysis

https://github.com/reem-012/poc_CVE-2025-68613

https://github.com/J4ck3LSyN-Gen2/n8n-CVE-2025-68613-TryHackMe

https://github.com/r4j3sh-com/CVE-2025-68613-n8n-lab

https://github.com/nehkark/CVE-2025-68613

CVE-2023-53973
(8.4 HIGH)

EPSS: 0.01%

updated 2025-12-23T14:51:52.650000

1 posts

Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories, potentially enabling system-level access through techniques like DLL hijacking.

CVE-2025-14300
(0 None)

EPSS: 0.05%

updated 2025-12-23T14:51:52.650000

1 posts

The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service (DoS).

CVE-2023-52163
(5.9 MEDIUM)

EPSS: 17.01%

updated 2025-12-23T12:31:24

4 posts

Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-37164
(10.0 CRITICAL)

EPSS: 77.21%

updated 2025-12-23T12:15:45.053000

2 posts

A remote code execution issue exists in HPE OneView.

Nuclei template

2 repos

https://github.com/g0vguy/CVE-2025-37164-PoC

https://github.com/rxerium/CVE-2025-37164

CVE-2025-65857
(7.5 HIGH)

EPSS: 0.03%

updated 2025-12-23T00:30:39

1 posts

An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access.

1 repos

https://github.com/LuisMirandaAcebedo/CVE-2025-65857

CVE-2023-53974
(7.5 HIGH)

EPSS: 0.05%

updated 2025-12-23T00:30:38

1 posts

D-Link DSL-124 ME_1.00 contains a configuration file disclosure vulnerability that allows unauthenticated attackers to retrieve router settings through a POST request. Attackers can send a specific POST request to the router's configuration endpoint to download a complete backup file containing sensitive network credentials and system configurations.

CVE-2025-14882(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-12-20T17:41:17

1 posts

An API endpoint allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only.

CVE-2025-63389(CVSS UNKNOWN)

EPSS: 0.30%

updated 2025-12-20T05:37:50

1 posts

A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations.

CVE-2025-14299(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-12-20T03:31:40

1 posts

The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and resulting in denial-of-service (DoS).

CVE-2025-8065(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-12-20T03:31:40

1 posts

A buffer overflow vulnerability exists in the ONVIF XML parser of Tapo C200 V3. An unauthenticated attacker on the same local network segment can send specially crafted SOAP XML requests, causing memory overflow and device crash, resulting in denial-of-service (DoS).

CVE-2025-63390
(5.3 MEDIUM)

EPSS: 0.06%

updated 2025-12-20T00:31:32

1 posts

An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed data includes: workspace identifiers (id, name, slug), AI model configurations (chatProvider, chatModel

CVE-2025-68161(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-12-19T22:08:03

2 posts

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the [verifyHostName](https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName) configuration attribute or the [log4j2.sslVerifyHostName](https://logging.apache.org/log4j/2.x/manual/systemproperties

CVE-2025-14964
(9.8 CRITICAL)

EPSS: 0.10%

updated 2025-12-19T21:30:26

1 posts

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affects the function sprintf of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument loginAuthUrl leads to stack-based buffer overflow. The attack may be performed from remote.

CVE-2025-14733
(9.8 CRITICAL)

EPSS: 36.33%

updated 2025-12-19T21:30:19

8 posts

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and

3 repos

https://github.com/b1gchoi/CVE-2025-14733

https://github.com/machevalia/CVE-2025-14733

https://github.com/Ashwesker/Blackash-CVE-2025-14733

CVE-2025-66908
(5.3 MEDIUM)

EPSS: 0.05%

updated 2025-12-19T18:32:25

1 posts

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormData(contentType = MediaTypeConst.IMAGE) annotation to restrict uploads to image files, but this constraint is not properly enforced.

CVE-2025-66909
(7.5 HIGH)

EPSS: 0.10%

updated 2025-12-19T18:32:24

1 posts

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompression bomb denial of service vulnerability. The ExtendedOpenCVImage class in ai/djl/opencv/ExtendedOpenCVImage.java loads images using OpenCV's imread() function without validating dimensions or pixel count before decompression. An attacker can upload a specially crafted compressed image file (e.g., PNG) that is small w

CVE-2025-65565
(7.5 HIGH)

EPSS: 0.06%

updated 2025-12-19T18:32:19

1 posts

A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID (CPF-SEID) Information Element is not properly validated. The session establishment handler calls IE.FSEID() on a nil pointer, which triggers a panic and termin

CVE-2025-65564
(7.5 HIGH)

EPSS: 0.06%

updated 2025-12-19T18:32:19

1 posts

A denial-of-service vulnerability exists in the omec-upf (upf-epc-pfcpiface) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element, the association setup handler dereferences a nil pointer via IE.RecoveryTimeStamp() instead of validating the message. This results in a panic and terminates

CVE-2025-52692
(8.8 HIGH)

EPSS: 0.02%

updated 2025-12-19T18:31:18

1 posts

Successful exploitation of the vulnerability could allow an attacker with local network access to send a specially crafted URL to access certain administration functions without login credentials.

CVE-2025-65568
(7.5 HIGH)

EPSS: 0.05%

updated 2025-12-19T18:15:50.713000

1 posts

A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During parsing, parseFAR() calls ip2int(), which performs an out-of-bounds read on the IPv4 address buffer and tr

CVE-2025-65567
(7.5 HIGH)

EPSS: 0.05%

updated 2025-12-19T18:15:50.570000

1 posts

A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The Flow-Description parser (parseFlowDesc) can read beyond the bounds of the provided buffer, causing a pa

CVE-2025-14847
(7.5 HIGH)

EPSS: 0.04%

updated 2025-12-19T18:00:18.330000

22 posts

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Ser

8 repos

https://github.com/Ashwesker/Blackash-CVE-2025-14847

https://github.com/KingHacker353/CVE-2025-14847_Expolit

https://github.com/nma-io/mongobleed

https://github.com/cybertechajju/CVE-2025-14847_Expolit

https://github.com/Black1hp/mongobleed-scanner

https://github.com/ProbiusOfficial/CVE-2025-14847

https://github.com/onewinner/CVE-2025-14847

https://github.com/saereya/CVE-2025-14847---MongoBleed

CVE-2025-13008
(0 None)

EPSS: 0.05%

updated 2025-12-19T18:00:18.330000

2 posts

An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users.

CVE-2025-14881
(0 None)

EPSS: 0.04%

updated 2025-12-19T18:00:18.330000

1 posts

Multiple API endpoints allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only.

CVE-2025-1928
(9.1 CRITICAL)

EPSS: 0.06%

updated 2025-12-19T18:00:18.330000

1 posts

Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password Recovery Exploitation.This issue affects Online Food Delivery System: through 19122025.

CVE-2025-11747
(6.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-19T18:00:18.330000

1 posts

The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the colibri_blog_posts shortcode in all versions up to, and including, 1.0.345 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that

CVE-2025-65041
(10.0 CRITICAL)

EPSS: 0.08%

updated 2025-12-19T18:00:18.330000

2 posts

Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-68398
(9.1 CRITICAL)

EPSS: 0.15%

updated 2025-12-19T18:00:18.330000

2 posts

Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.

CVE-2025-34452
(0 None)

EPSS: 0.42%

updated 2025-12-19T18:00:18.330000

1 posts

Streama versions 1.10.0 through 1.10.5 and prior to commit b7c8767 contain a combination of path traversal and server-side request forgery (SSRF) vulnerabilities in that allow an authenticated attacker to write arbitrary files to the server filesystem. The issue exists in the subtitle download functionality, where user-controlled parameters are used to fetch remote content and construct file paths

CVE-2025-64236
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-12-19T18:00:18.330000

1 posts

Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6.

CVE-2025-14738
(0 None)

EPSS: 0.07%

updated 2025-12-19T18:00:18.330000

1 posts

Improper authentication vulnerability in TP-Link WA850RE (httpd modules) allows unauthenticated attackers to download the configuration file.This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922.

CVE-2025-40602
(6.6 MEDIUM)

EPSS: 2.09%

updated 2025-12-19T13:57:43.150000

1 posts

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

2 repos

https://github.com/cyberleelawat/CVE-2025-40602

https://github.com/rxerium/CVE-2025-40602

CVE-2025-1927
(7.1 HIGH)

EPSS: 0.01%

updated 2025-12-19T12:31:33

1 posts

Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.This issue affects Online Food Delivery System: through 19122025.

CVE-2025-1885
(5.4 MEDIUM)

EPSS: 0.03%

updated 2025-12-19T12:31:32

1 posts

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Phishing, Forceful Browsing.This issue affects Online Food Delivery System: through 19122025.

CVE-2025-14151
(6.1 MEDIUM)

EPSS: 0.10%

updated 2025-12-19T09:30:39

1 posts

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'outbound_resource' parameter in the slimtrack AJAX action in all versions up to, and including, 5.3.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will

CVE-2025-66521
(6.3 MEDIUM)

EPSS: 0.02%

updated 2025-12-19T09:30:39

1 posts

A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Trusted Certificates feature. A crafted payload can be injected as the certificate name, which is later rendered into the DOM without proper sanitization. As a result, the injected script executes each time the Trusted Certificates view is loaded.

CVE-2025-66520
(6.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-19T09:30:39

1 posts

A stored cross-site scripting (XSS) vulnerability exists in the Portfolio feature of the Foxit PDF Editor cloud (pdfonline.foxit.com). User-supplied SVG files are not properly sanitized or validated before being inserted into the HTML structure. As a result, embedded HTML or JavaScript within a crafted SVG may execute whenever the Portfolio file list is rendered.

CVE-2025-68490(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-19T06:30:34

1 posts

Rejected reason: Not used

CVE-2025-68489(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-12-19T06:30:34

1 posts

Rejected reason: Not used

CVE-2025-68491
(0 None)

EPSS: 0.00%

updated 2025-12-19T04:16:02.150000

1 posts

Rejected reason: Not used

CVE-2025-68488
(0 None)

EPSS: 0.00%

updated 2025-12-19T04:16:01.953000

1 posts

Rejected reason: Not used

CVE-2025-68487
(0 None)

EPSS: 0.00%

updated 2025-12-19T04:16:01.883000

1 posts

Rejected reason: Not used

CVE-2025-11774
(8.3 HIGH)

EPSS: 0.04%

updated 2025-12-19T03:31:23

2 posts

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the software keyboard function (hereinafter referred to as "keypad function") of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 CFR3 and

CVE-2025-14908
(6.3 MEDIUM)

EPSS: 0.06%

updated 2025-12-19T03:31:23

1 posts

A security flaw has been discovered in JeecgBoot up to 3.9.0. The affected element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java of the component Multi-Tenant Management Module. Performing manipulation of the argument ID results in improper authentication. The attack can be initiated rem

CVE-2025-14899
(4.7 MEDIUM)

EPSS: 0.03%

updated 2025-12-19T03:31:23

1 posts

A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.

CVE-2025-67843
(8.3 HIGH)

EPSS: 0.25%

updated 2025-12-19T03:31:18

1 posts

A Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attackers to execute arbitrary code via inline JSX expressions in an MDX file.

CVE-2025-13941
(8.8 HIGH)

EPSS: 0.01%

updated 2025-12-19T03:31:18

1 posts

A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which are later executed by the service, resulting in execution of arbitrary code with SYSTEM privileges.

CVE-2025-64675
(8.3 HIGH)

EPSS: 0.06%

updated 2025-12-19T00:31:52

1 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-68382
(6.5 MEDIUM)

EPSS: 0.05%

updated 2025-12-19T00:31:47

1 posts

Out-of-bounds read (CWE-125) allows an unauthenticated remote attacker to perform a buffer overflow (CAPEC-100) via the NFS protocol dissector, leading to a denial-of-service (DoS) through a reliable process crash when handling truncated XDR-encoded RPC messages.

CVE-2025-65037
(10.0 CRITICAL)

EPSS: 0.10%

updated 2025-12-19T00:31:47

1 posts

Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.

CVE-2025-64663
(10.0 CRITICAL)

EPSS: 0.06%

updated 2025-12-19T00:31:47

1 posts

Custom Question Answering Elevation of Privilege Vulnerability

CVE-2025-13427(CVSS UNKNOWN)

EPSS: 0.14%

updated 2025-12-19T00:31:46

1 posts

An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific API requests. All versions after August 20th, 2025 have been updated to protect from this vulnerability

CVE-2025-64677
(8.2 HIGH)

EPSS: 0.07%

updated 2025-12-19T00:31:46

1 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-64676
(7.2 HIGH)

EPSS: 0.10%

updated 2025-12-19T00:31:46

1 posts

'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.

CVE-2025-14739(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-12-18T21:31:50

1 posts

Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.

CVE-2025-14884
(7.2 HIGH)

EPSS: 0.27%

updated 2025-12-18T18:30:38

2 posts

A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-14896
(7.5 HIGH)

EPSS: 0.04%

updated 2025-12-18T18:30:37

1 posts

due to insufficient sanitazation in Vega’s `convert()` function when `safeMode` is enabled and the spec variable is an array. An attacker can craft a malicious Vega diagram specification that will allow them to send requests to any URL, including local file system paths, leading to exposure of sensitive information.

CVE-2025-14878
(9.8 CRITICAL)

EPSS: 0.15%

updated 2025-12-18T18:30:37

2 posts

A security flaw has been discovered in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/wirelessRestart of the component HTTP Request Handler. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.

CVE-2025-14737(CVSS UNKNOWN)

EPSS: 0.73%

updated 2025-12-18T18:30:37

1 posts

Command Injection vulnerability in TP-Link WA850RE (httpd modules) allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922.

CVE-2025-63391
(7.5 HIGH)

EPSS: 0.10%

updated 2025-12-18T18:30:37

1 posts

An authentication bypass vulnerability exists in Open-WebUI <=0.6.32 in the /api/config endpoint. The endpoint lacks proper authentication and authorization controls, exposing sensitive system configuration data to unauthenticated remote attackers.

CVE-2025-59374
(9.8 CRITICAL)

EPSS: 35.96%

updated 2025-12-18T15:42:03.790000

3 posts

"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has

CVE-2025-20393
(10.0 CRITICAL)

EPSS: 6.77%

updated 2025-12-18T15:41:16.840000

7 posts

Cisco is aware of a potential vulnerability.&nbsp; Cisco is currently investigating and&nbsp;will update these details as appropriate&nbsp;as more information becomes available.

4 repos

https://github.com/StasonJatham/cisco-sa-sma-attack-N9bf4

https://github.com/Ashwesker/Blackash-CVE-2025-20393

https://github.com/cyberleelawat/CVE-2025-20393

https://github.com/KingHacker353/CVE-2025-20393

CVE-2025-64466
(7.8 HIGH)

EPSS: 0.02%

updated 2025-12-18T15:30:52

1 posts

There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-64469
(7.8 HIGH)

EPSS: 0.02%

updated 2025-12-18T15:30:51

1 posts

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-64467
(7.8 HIGH)

EPSS: 0.02%

updated 2025-12-18T15:30:45

1 posts

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions.

CVE-2025-13110
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-12-18T15:07:18.427000

1 posts

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.3 via the "woof_add_subscr" function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber level access and above, to create product messenger subscriptions on be

CVE-2025-68154
(8.1 HIGH)

EPSS: 0.06%

updated 2025-12-16T22:37:26

1 posts

## Summary The `fsSize()` function in `systeminformation` is vulnerable to **OS Command Injection (CWE-78)** on Windows systems. The optional `drive` parameter is directly concatenated into a PowerShell command without sanitization, allowing arbitrary command execution when user-controlled input reaches this function. **Affected Platforms:** Windows only **CVSS Breakdown:** - **Attack Vector

CVE-2025-46295
(9.8 CRITICAL)

EPSS: 0.33%

updated 2025-12-16T21:32:02

1 posts

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could potentially achieve remote code execution. This vulnerability has been fully addressed in FileMaker Serve

CVE-2025-59718
(9.8 CRITICAL)

EPSS: 5.95%

updated 2025-12-16T21:30:51

2 posts

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7

3 repos

https://github.com/Ashwesker/Blackash-CVE-2025-59718

https://github.com/moften/CVE-2025-59718-Fortinet-Poc

https://github.com/exfil0/CVE-2025-59718-PoC

CVE-2025-68260(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-12-16T15:30:56

2 posts

In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix race condition on death_list Rust Binder contains the following unsafe operation: // SAFETY: A `NodeDeath` is never inserted into the death list // of any node other than its owner, so it is either in this // death list or in no death list. unsafe { node_inner.death_list.remove(self) }; This operation is u

CVE-2025-9612
(5.1 MEDIUM)

EPSS: 0.01%

updated 2025-12-11T15:31:38

1 posts

An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.

CVE-2025-59719
(9.8 CRITICAL)

EPSS: 0.07%

updated 2025-12-09T18:30:52

1 posts

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

1 repos

https://github.com/moften/CVE-2025-59718-Fortinet-Poc

CVE-2025-55182
(10.0 CRITICAL)

EPSS: 46.72%

updated 2025-12-09T16:53:25

2 posts

### Impact There is an unauthenticated remote code execution vulnerability in React Server Components. We recommend upgrading immediately. The vulnerability is present in versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 of: * [react-server-dom-webpack](https://www.npmjs.com/package/react-server-dom-webpack) * [react-server-dom-parcel](https://www.npmjs.com/package/react-server-dom-parcel) * [react-s

Nuclei template

100 repos

https://github.com/msanft/CVE-2025-55182

https://github.com/MoLeft/React2Shell-Toolbox

https://github.com/fullhunt/react2shell-test-server

https://github.com/aliclub0x00/CVE-2025-55182-POC-NEXTJS

https://github.com/ThemeHackers/CVE-2025-55182

https://github.com/mrknow001/RSC_Detector

https://github.com/C00LN3T/React2Shell

https://github.com/tobiasGuta/Next.js-RSC-RCE-Scanner-Burp-Suite-Extension

https://github.com/BankkRoll/Quickcheck-CVE-2025-55182-React-and-CVE-2025-66478-Next.js

https://github.com/xiaopeng-ye/react2shell-detector

https://github.com/zr0n/react2shell

https://github.com/SainiONHacks/CVE-2025-55182-Scanner

https://github.com/Pizz33/CVE-2025-55182-burpscanner

https://github.com/Ashwesker/Blackash-CVE-2025-55182

https://github.com/ynsmroztas/NextRce

https://github.com/xcanwin/CVE-2025-55182-React-RCE

https://github.com/BeichenDream/CVE-2025-55182-GodzillaMemoryShell

https://github.com/hoosin/CVE-2025-55182

https://github.com/techgaun/cve-2025-55182-scanner

https://github.com/l4rm4nd/CVE-2025-55182

https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-

https://github.com/zack0x01/vuln-app-CVE-2025-55182

https://github.com/yz9yt/React2Shell-CTF

https://github.com/freeqaz/react2shell

https://github.com/xalgord/React2Shell

https://github.com/alsaut1/react2shell-lab

https://github.com/ZihxS/check-react-rce-cve-2025-55182

https://github.com/Spritualkb/CVE-2025-55182-exp

https://github.com/ejpir/CVE-2025-55182-bypass

https://github.com/im-ezboy/CVE-2025-55182-zoomeye

https://github.com/dwisiswant0/CVE-2025-55182

https://github.com/songsanggggg/CVE-2025-55182

https://github.com/whiteov3rflow/CVE-2025-55182-poc

https://github.com/hidden-investigations/react2shell-scanner

https://github.com/alfazhossain/CVE-2025-55182-Exploiter

https://github.com/fatguru/CVE-2025-55182-scanner

https://github.com/kavienanj/CVE-2025-55182

https://github.com/VeilVulp/RscScan-cve-2025-55182

https://github.com/Dh4v4l8/CVE-2025-55182-poc-tool

https://github.com/EynaExp/CVE-2025-55182-POC

https://github.com/hualy13/CVE-2025-55182

https://github.com/shamo0/react2shell-PoC

https://github.com/vijay-shirhatti/RSC-Detect-CVE-2025-55182

https://github.com/Rsatan/Next.js-Exploit-Tool

https://github.com/pax-k/react2shell-CVE-2025-55182-full-rce-script

https://github.com/TrixSec/CVE-2025-55182-Scanner

https://github.com/anuththara2007-W/CVE-2025-55182-Exploit-extension

https://github.com/sho-luv/React2Shell

https://github.com/chrahman/react2shell-CVE-2025-55182-full-rce-script

https://github.com/shyambhanushali/React2Shell

https://github.com/ejpir/CVE-2025-55182-research

https://github.com/sumanrox/rschunter

https://github.com/StealthMoud/CVE-2025-55182-Scanner

https://github.com/Syrins/CVE-2025-55182-React2Shell-RCE

https://github.com/c0rydoras/CVE-2025-55182

https://github.com/XiaomingX/CVE-2025-55182-poc

https://github.com/emredavut/CVE-2025-55182

https://github.com/timsonner/React2Shell-CVE-2025-55182

https://github.com/santihabib/CVE-2025-55182-analysis

https://github.com/MrR0b0t19/CVE-2025-55182-shellinteractive

https://github.com/sudo-Yangziran/CVE-2025-55182POC

https://github.com/AdityaBhatt3010/React2Shell-CVE-2025-55182-The-Deserialization-Bug-That-Broke-the-Web

https://github.com/Security-Phoenix-demo/react2shell-scanner-rce-react-next-CVE-2025-55182-CVE-2025-66478

https://github.com/logesh-GIT001/CVE-2025-55182

https://github.com/RuoJi6/CVE-2025-55182-RCE-shell

https://github.com/acheong08/CVE-2025-55182-poc

https://github.com/CirqueiraDev/MassExploit-CVE-2025-55182

https://github.com/GelukCrab/React-Server-Components-RCE

https://github.com/f0xyx/CVE-2025-55182-Scanner

https://github.com/SoICT-BKSEC/CVE-2025-55182-docker-lab

https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc

https://github.com/onlylovetx/CVE-2025-55182-CVE-2025-66478-Exploit-GUI

https://github.com/LemonTeatw1/CVE-2025-55182-exploit

https://github.com/zzhorc/CVE-2025-55182

https://github.com/yanoshercohen/React2Shell_CVE-2025-55182

https://github.com/Cr4at0r/Next.js-RCE-Scanner-BurpSuite-Extension-

https://github.com/sickwell/CVE-2025-55182

https://github.com/theori-io/reactguard

https://github.com/xkillbit/cve-2025-55182-scanner

https://github.com/kOaDT/poc-cve-2025-55182

https://github.com/websecuritylabs/React2Shell-Library

https://github.com/AliHzSec/CVE-2025-55182

https://github.com/heiheishushu/rsc_detect_CVE-2025-55182

https://github.com/AggressiveUser/React2Hell

https://github.com/pyroxenites/Nextjs_RCE_Exploit_Tool

https://github.com/Chocapikk/CVE-2025-55182

https://github.com/CymulateResearch/React2Shell-Scanner

https://github.com/M4xSec/CVE-2025-55182-React2Shell-RCE-Shell

https://github.com/gensecaihq/react2shell-scanner

https://github.com/keklick1337/CVE-2025-55182-golang-PoC

https://github.com/Saturate/CVE-2025-55182-Scanner

https://github.com/jf0x3a/CVE-2025-55182-exploit

https://github.com/hackersatyamrastogi/react2shell-ultimate

https://github.com/raivenLockdown/RCE_React2Shell_ButCooler-SomeUselessUsefulThingsLMAO-

https://github.com/assetnote/react2shell-scanner

https://github.com/cybertechajju/R2C-CVE-2025-55182-66478

https://github.com/rix4uni/CVE-2025-55182

https://github.com/subhdotsol/CVE-2025-55182

https://github.com/nehkark/CVE-2025-55182

https://github.com/surajhacx/react2shellpoc