Vulnerability Calendar 2026

| DATE | NAME | DESCRIPTION | CATEGORY | SUB |
|---|---|---|---|---|
| 24.1.26 | CVE-2024-37079 | vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution. | Vulnerability | Vulnerability |
| 24.1.26 | CVE-2025-54313 | (CVSS score: 7.5) - An embedded malicious code vulnerability in eslint-config-prettier that could allow execution of a malicious DLL dubbed Scavenger Loader, which is designed to deliver an information stealer. | Vulnerability | Vulnerability |
| 24.1.26 | CVE-2025-31125 | (CVSS score: 5.3) - An improper access control vulnerability in Vite (vitejs) that could allow the contents of arbitrary files to be returned to the browser using ?inline&import or ?raw?import (fixed in March 2025 with versions 6.2.4, 6.1.3, 6.0.13, 5.4.16 and 4.5.11). | Vulnerability | Vulnerability |
| 24.1.26 | CVE-2025-34026 | (CVSS score: 9.2) - An authentication bypass in the Versa Concerto SD-WAN orchestration platform that could allow an attacker to access administrative endpoints (fixed in April 2025 with version 12.2.1 GA). | Vulnerability | Vulnerability |
| 24.1.26 | CVE-2025-68645 | (CVSS score: 8.8) - A PHP remote file inclusion vulnerability in Synacor Zimbra Collaboration Suite (ZCS) that could allow a remote attacker to craft requests to the "/h/rest" endpoint and include arbitrary files from the WebRoot directory without any authentication (fixed in November 2025 with version 10.1.13). | Vulnerability | Vulnerability |
| 23.1.26 | CVE-2025-59719 | An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4 and FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message. | Vulnerability | Vulnerability |
| 23.1.26 | CVE-2025-59718 | An improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 | Vulnerability | Vulnerability |
| 23.1.26 | CVE-2026-24061 | telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable. | Vulnerability | Vulnerability |
| 22.1.26 | CVE-2026-20045 | A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & | Vulnerability | Vulnerability |
| 22.1.26 | CVE-2026-22844 | A command injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to achieve remote code execution on the MMR via network access. | Vulnerability | Vulnerability |
| 21.1.26 | ChainLeak | ChainLeak: Critical AI framework vulnerabilities expose data, enable cloud takeover | Vulnerability | AI |
| 21.1.26 | CVE-2026-1245 | A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. | Vulnerability | Vulnerability |
| 19.1.26 | CVE-2025-29943 | Improper access control within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline, potentially resulting in corruption of the stack pointer inside an SEV-SNP guest. | Vulnerability | Vulnerability |
| 18.1.26 | CVE-2025-6965 | A vulnerability exists in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available, which could lead to memory corruption. Upgrading to version 3.50.2 or above is recommended. | Vulnerability | Vulnerability |
| 18.1.26 | CVE-2025-36911 | In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote (proximal/adjacent) information disclosure of a user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation. | Vulnerability | Vulnerability |
| 17.1.26 | CVE-2025-22226 | VMware ESXi, Workstation and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges on a virtual machine may be able to exploit this issue to leak memory from the vmx process. | Vulnerability | Vulnerability |
| 17.1.26 | CVE-2025-22225 | VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write, leading to an escape of the sandbox. | Vulnerability | Vulnerability |
| 17.1.26 | CVE-2025-22224 | VMware ESXi and Workstation contain a TOCTOU (time-of-check/time-of-use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | Vulnerability | Vulnerability |
| 17.1.26 | CVE-2025-68428 | jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the Node.js build allows local file inclusion/path traversal. | Vulnerability | Vulnerability |
| 17.1.26 | CVE-2026-0625 | Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. | Vulnerability | Vulnerability |
| 16.1.26 | CVE-2025-20393 | Reports about cyberattacks against Cisco Secure Email Gateway and Cisco Secure Email and Web Manager | Vulnerability | Vulnerability |
| 16.1.26 | CodeBreach | CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild | Vulnerability | Vulnerability |
| 16.1.26 | CVE-2026-23550 | Incorrect privilege assignment vulnerability in Modular DS allows privilege escalation. This issue affects Modular DS from n/a through 2.5.1. | Vulnerability | Vulnerability |
| 16.1.26 | CVE-2026-0227 | PAN-OS: firewall denial of service (DoS) in GlobalProtect Gateway and Portal | Vulnerability | Vulnerability |
| 14.1.26 | CVE-2025-12420 | A vulnerability in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. | Vulnerability | Vulnerability |
| 14.1.26 | CVE-2025-8110 | Improper symbolic link handling in the PutContents API in Gogs allows local code execution. | Vulnerability | Vulnerability |
| 14.1.26 | CVE-2025-64155 | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSIEM may allow an unauthenticated attacker to execute unauthorized code or commands via crafted TCP requests. | Vulnerability | Vulnerability |
| 10.1.26 | CVE-2025-69258 | A LoadLibraryEx vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code in the context of SYSTEM on affected installations. | Vulnerability | Vulnerability |
| 10.1.26 | CVE-2025-69260 | (CVSS score: 7.5) - A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote, unauthenticated attacker to create a denial-of-service condition on affected installations. | Vulnerability | Vulnerability |
| 10.1.26 | CVE-2025-69259 | (CVSS score: 7.5) - A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote, unauthenticated attacker to create a denial-of-service condition on affected installations. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-66209 | (CVSS score: 10.0) - A command injection vulnerability in the database backup functionality that allows any authenticated user with database backup permissions to execute arbitrary commands on the host server, resulting in container escape and full server compromise. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-66210 | (CVSS score: 10.0) - An authenticated command injection vulnerability in the database import functionality that allows attackers to execute arbitrary commands on managed servers, leading to full infrastructure compromise. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-66211 | (CVSS score: 10.0) - A command injection vulnerability in the PostgreSQL init script management that allows authenticated users with database permissions to execute arbitrary commands as root on the server. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-66212 | (CVSS score: 10.0) - An authenticated command injection vulnerability in the Dynamic Proxy Configuration functionality that allows users with server management permissions to execute arbitrary commands as root on managed servers. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-66213 | (CVSS score: 10.0) - An authenticated command injection vulnerability in the File Storage Directory Mount functionality that allows users with application/service management permissions to execute arbitrary commands as root on managed servers. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-64419 | (CVSS score: 9.7) - A command injection vulnerability via docker-compose.yaml that enables attackers to execute arbitrary system commands as root on the Coolify instance. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-64420 | (CVSS score: 10.0) - An information disclosure vulnerability that allows low-privileged users to view the private key of the root user on the Coolify instance, allowing them to gain unauthorized access to the server via SSH and authenticate as root using the key. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-64424 | (CVSS score: 9.4) - A command injection vulnerability in the git source input fields of a resource, allowing a low-privileged user (member) to execute system commands as root on the Coolify instance. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-59156 | (CVSS score: 9.4) - An operating system command injection vulnerability that allows a low-privileged user to inject arbitrary Docker Compose directives and achieve root-level command execution on the underlying host. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-59157 | (CVSS score: 10.0) - An operating system command injection vulnerability that allows a regular user to inject arbitrary shell commands, executed on the underlying server, by using the Git Repository field during deployment. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-59158 | (CVSS score: 9.4) - An improper encoding or escaping of data that allows an authenticated user with low privileges to conduct a stored cross-site scripting (XSS) attack during project creation, which is automatically executed in the browser context when an administrator later attempts to delete the project or its associated resource. | Vulnerability | Vulnerability |
| 8.1.26 | RedLeaves |  | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2026-20029 | A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. This vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-37164 | (CVSS score: 10.0) - A code injection vulnerability in HPE OneView that allows a remote unauthenticated user to perform remote code execution. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2009-0556 | (CVSS score: 8.8) - A code injection vulnerability in Microsoft Office PowerPoint that allows remote attackers to execute arbitrary code by means of memory corruption. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2026-21858 | A vulnerability in n8n allows an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2026-21877 | Under certain conditions, an authenticated user may be able to cause untrusted code to be executed by the n8n service. This could result in full compromise of the affected instance. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-59469 | (CVSS score: 7.2) - A vulnerability that allows a Backup or Tape Operator to write files as root. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-59468 | (CVSS score: 6.7) - A vulnerability that allows a Backup Administrator to perform RCE as the postgres user by sending a malicious password parameter. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-55125 | (CVSS score: 7.2) - A vulnerability that allows a Backup or Tape Operator to perform RCE as root by creating a malicious backup configuration file. | Vulnerability | Vulnerability |
| 8.1.26 | CVE-2025-59470 | Resolved in Veeam Backup & Replication 13.0.1.1071 | Vulnerability | Vulnerability |
| 7.1.26 | CVE-2026-0625 | Multiple D-Link DSL gateway devices contain a command injection vulnerability in the dnscfg.cgi endpoint due to improper sanitization of user-supplied DNS configuration parameters. | Vulnerability | Vulnerability |
| 7.1.26 | CVE-2025-65606 | TOTOLINK EX200 firmware-upload error handling can activate an unauthenticated root telnet service. | Vulnerability | Vulnerability |
| 7.1.26 | CVE-2025-68668 | n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. | Vulnerability | Vulnerability |
| 3.1.26 | CVE-2020-12812 | An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. | Vulnerability | Vulnerability |
| 2.1.26 | CVE-2025-59230 | An elevation-of-privilege (EoP) vulnerability in the Windows Remote Access Connection Manager (RasMan) service. A locally authenticated attacker could exploit improper access control to escalate their privileges to SYSTEM on affected Windows installations. | Vulnerability | Vulnerability |
| 2.1.26 | CVE-2025-10294 | A critical authentication bypass in the OwnID Passwordless Login plugin for WordPress. Due to improper validation of a shared secret, unauthenticated attackers could log in as arbitrary users, including administrators, without credentials. | Vulnerability | Vulnerability |
| 2.1.26 | CVE-2025-59295 | A heap-based buffer overflow in the Windows MSHTML/Internet Explorer component, enabling arbitrary code execution via specially crafted data sent over the network. | Vulnerability | Vulnerability |
| 2.1.26 | CVE-2025-14847 | Mismatched length fields in zlib-compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 versions prior to 7.0.28. | Vulnerability | Vulnerability |