Cut the noise.
Know which vulnerabilities demand action.

Monitor and prioritize what really matters — the 1% of vulnerabilities that can cause real impact.

Analytics

EPSS Trending (30d)

Threat Indicators

829
CISA KEV
244
Exploits
493
Proof-of-Concept
7.2%
Average EPSS

EPSS Hot Zone

|
Sort by:
KEV Prediction — Top%
EPSS Percentile — Top%

Emerging Vulnerabilities

18 Jun/26
CVE-2026-12569
CRITICAL

This vulnerability is a remote code execution flaw resulting from insecure deserialization of untrusted data within PTC Windchill PDMLink and FlexPLM components. Specifically, the deserialization process fails to properly validate or sanitize incoming serialized objects, allowing malicious payloads to be executed during object reconstruction. The affected components include all CPS versions and Windchill/FlexPLM releases prior to 11.0 M030, where the deserialization functionality is exposed to network input.

CVSS 9.3
EPSS 1.2%
KEV Pred in 7d
Product PTC Windchill PDMLink ptc
CVSS v4.0 KEV CWE-20
27 May/26
CVE-2026-48027
CRITICAL

This vulnerability arises from the publication of a maliciously altered version of the Nx Console extension (version 18.95.0) for Visual Studio Code and OpenVSX. The root cause is the distribution of a compromised package through official extension marketplaces, affecting the integrity verification and supply chain of the Nx Console user interface component. The compromised version contains unauthorized code introduced during the build or publishing process, impacting the extension's execution environment within the IDE.

CVSS 9.8
EPSS 1.8%
KEV Pred 66%
Product nrwl nx-console nrwl
CVSS v3.1 CVSS v4.0 KEV CWE-506 RANSOMWARE
22 May/26
CVE-2026-34909
CRITICAL

This vulnerability is a Path Traversal flaw (CWE-22) in Ubiquiti UniFi OS Server and related firmware components. The root cause is insufficient validation of user-supplied file path inputs, allowing traversal sequences to access files outside the intended directory scope. The affected components include UniFi OS Server and various UniFi device firmware versions that handle file requests without proper sanitization.

CVSS 10.0
EPSS 2.3%
KEV Pred 83%
Product Ubiquiti Inc UniFi OS Server ubiquiti
CVSS v3.1 KEV CWE-22
15 May/26
CVE-2026-8398
CRITICAL

This vulnerability is a supply chain compromise affecting the build and distribution process of AVB Disc Soft's DAEMON Tools Lite Windows installer packages, specifically versions 12.5.0.2421 through 12.5.0.2434. The root cause is unauthorized access to the vendor's build infrastructure, allowing attackers to inject malicious code into three signed binaries (DTHelper.exe, DiscSoftBusServiceLite.exe, DTShellHlp.exe). The trojanized binaries maintain valid digital signatures, impacting the integrity verification mechanism of the installation process.

CVSS 9.8
EPSS 1.5%
KEV Pred 51%
Product AVB Disc Soft DAEMON Tools Lite avb
CVSS v3.1 CVSS v4.0 KEV CWE-506
07 May/26
CVE-2026-6973
HIGH

This vulnerability is an improper input validation flaw within Ivanti Endpoint Manager Mobile's administrative interface. The root cause lies in insufficient sanitization of inputs processed by privileged functions, enabling crafted input to bypass validation controls. The affected component is the administrative access functionality in versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1.

CVSS 7.2
EPSS 34.5%
KEV Pred 69%
Product Ivanti Endpoint Manager Mobile ivanti
CVSS v3.1 KEV CWE-20
25 Feb/26
CVE-2026-22719
HIGH

This vulnerability is a command injection flaw rooted in improper input validation within VMware Aria Operations. Specifically, the support-assisted product migration component fails to sanitize user-supplied input, allowing execution of arbitrary system commands. The affected feature processes migration-related commands without adequate filtering, enabling injection through crafted inputs during migration operations.

CVSS 8.1
EPSS 17.4%
KEV Pred 61%
Product VMware Aria Operations vmware
CVSS v3.1 KEV CWE-77
25 Feb/26
CVE-2026-20122
MEDIUM

This vulnerability is a file overwrite flaw caused by improper file handling in the API interface of Cisco Catalyst SD-WAN Manager. Specifically, the API allows authenticated users with read-only credentials to upload files without sufficient validation or restrictions, enabling arbitrary file overwrite on the local filesystem. The affected component is the API subsystem responsible for processing file uploads within the SD-WAN Manager product.

CVSS 5.4
EPSS 7.0%
KEV Pred 74%
Product Cisco Catalyst SD-WAN Manager cisco
CVSS v3.1 KEV CWE-648
25 Feb/26
CVE-2026-20133
HIGH

This vulnerability is an information disclosure flaw caused by insufficient file system access controls within Cisco Catalyst SD-WAN Manager. The root cause lies in the improper enforcement of access restrictions on API endpoints, allowing unauthorized read access to sensitive files on the underlying operating system. The affected component is the API interface of the Cisco Catalyst SD-WAN Manager software.

CVSS 7.5
EPSS 10.2%
KEV Pred 71%
Product Cisco Catalyst SD-WAN Manager cisco
CVSS v3.1 KEV CWE-200
17 Feb/26
CVE-2026-22769
CRITICAL

This vulnerability is a hardcoded credential flaw within Dell RecoverPoint for Virtual Machines prior to version 6.0.3.1 HF1. The root cause is the presence of static, embedded authentication credentials in the software, which are accessible without authentication. The affected component is the authentication mechanism of the RecoverPoint for Virtual Machines management interface, allowing unauthorized access to privileged functions.

CVSS 10.0
EPSS 13.1%
KEV Pred 60%
Product Dell RecoverPoint for Virtual Machines dell
CVSS v3.1 KEV CWE-798
13 Feb/26
CVE-2026-25108
HIGH

This vulnerability is an OS command injection flaw in Soliton Systems K.K. FileZen, specifically triggered when the FileZen Antivirus Check Option is enabled. The root cause lies in insufficient input validation of user-supplied data within HTTP requests, allowing injection of arbitrary operating system commands. The affected component is the FileZen web interface handling these specially crafted requests from authenticated users.

CVSS 8.8
EPSS 5.0%
KEV Pred 51%
Product Soliton Systems K.K. FileZen soliton
CVSS v3.1 CVSS v4.0 KEV CWE-78
10 Feb/26
CVE-2026-21513
HIGH

This vulnerability is a protection mechanism failure within the MSHTML Framework component of Microsoft Windows 10, specifically affecting versions 1607, 1809, and 21H2 across multiple architectures. The root cause lies in an insufficient enforcement of security controls that allow bypassing of a critical security feature during processing of web content. The failure occurs at the component level responsible for rendering and handling HTML content, enabling unauthorized manipulation of the security boundary.

CVSS 8.8
EPSS 15.4%
KEV Pred 77%
Product Microsoft Windows 10 Version 1607 microsoft
CVSS v3.1 KEV CWE-693 RANSOMWARE
05 Jan/26
CVE-2025-66376
MEDIUM

This vulnerability is a stored Cross-Site Scripting (XSS) flaw affecting the Classic UI component of Zimbra Collaboration Suite (ZCS). The root cause lies in improper sanitization of Cascading Style Sheets (CSS) @import directives embedded within HTML email messages, allowing malicious CSS to be stored and later executed in the user interface. The flaw exists in ZCS versions prior to 10.0.18 and 10.1.13, specifically in the handling of HTML email content rendering.

CVSS 6.1
EPSS 12.0%
KEV Pred 79%
Product Zimbra Collaboration zimbra
CVSS v3.1 KEV CWE-79
17 Dec/25
CVE-2025-59374
CRITICAL

This vulnerability originates from unauthorized modifications introduced into specific builds of the ASUS Live Update client through a supply chain compromise. The root cause is the presence of altered code within the update client binary that triggers unintended actions under certain targeting conditions. The affected component is the ASUS Live Update client software, which has reached End-of-Support as of October 2021.

CVSS 9.8
EPSS 1.1%
KEV Pred 74%
Product ASUS live update asus
CVSS v3.1 CVSS v4.0 KEV CWE-506
05 Dec/25
CVE-2025-66644
CRITICAL

This vulnerability is a command injection flaw rooted in improper input validation within Array Networks ArrayOS AG versions prior to 9.4.5.9. The issue arises from insufficient sanitization of user-supplied data passed to system-level commands in the VPN appliance's management interface. The affected component is the ArrayOS AG software responsible for handling administrative command inputs, enabling attackers with elevated privileges to inject arbitrary commands.

CVSS 9.8
EPSS 3.1%
KEV Pred 78%
Product Array Networks ArrayOS AG array
CVSS v3.1 KEV CWE-78
17 Nov/25
CVE-2025-13223
HIGH

This vulnerability is a type confusion flaw occurring within the V8 JavaScript engine component of Google Chrome. The root cause lies in improper handling of object types during runtime, which leads to heap memory corruption. The affected feature is the V8 engine's internal type system prior to version 142.0.7444.175, where crafted inputs can manipulate the engine's assumptions about object types.

CVSS 8.8
EPSS 4.8%
KEV Pred 75%
Product Google Chrome google
CVSS v3.1 KEV CWE-843
05 Nov/25
CVE-2023-43000
HIGH

This vulnerability is a use-after-free flaw arising from improper memory management in the processing of web content within Apple’s Safari browser and underlying OS components. The root cause involves the premature release of memory objects that are subsequently accessed, leading to memory corruption. Affected components include the Safari browser engine and web content processing modules in macOS Ventura, iOS, and iPadOS.

CVSS 8.8
EPSS 4.0%
KEV Pred 74%
Product Apple macOS apple
CVSS v3.1 KEV CWE-416
20 Oct/25
CVE-2025-61932
CRITICAL

The vulnerability in MOTEX Inc. Lanscope Endpoint Manager (On-Premises) arises from improper verification of the origin of incoming network requests. Specifically, the Client program (MR) and Detection agent (DA) components fail to validate the authenticity of packets received, enabling an attacker to craft and send malicious packets that are processed without adequate origin checks. This flaw is rooted in insufficient input validation within the network communication handling modules of the endpoint management system.

CVSS 9.8
EPSS 2.7%
KEV Pred 80%
Product MOTEX Inc. Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA)) motex
CVSS v3.1 CVSS v4.0 KEV CWE-940
15 Oct/25
CVE-2025-53521
CRITICAL

This vulnerability is a remote code execution flaw arising from improper handling of specific malicious traffic within the Access Policy Manager (APM) feature of F5 BIG-IP virtual servers. The root cause lies in the APM access policy processing logic failing to adequately validate or sanitize crafted input, enabling execution of arbitrary code. The affected component is the BIG-IP APM access policy configured on virtual servers.

CVSS 9.8
EPSS 2.2%
KEV Pred 76%
Product F5 BIG-IP f5
CVSS v3.1 CVSS v4.0 KEV CWE-121
19 Sep/25
CVE-2025-59689
MEDIUM

This vulnerability is a command injection flaw rooted in improper input validation of compressed email attachments processed by Libraesva Email Security Gateway. The affected component fails to sanitize or securely handle shell commands embedded within these attachments, allowing crafted data to be executed on the underlying system. The flaw specifically impacts versions 4.5 through 5.5.x prior to designated patch releases, compromising the email attachment processing module.

CVSS 6.1
EPSS 1.9%
KEV Pred 82%
Product Libraesva Email Security Gateway libraesva
CVSS v3.1 KEV CWE-77
12 Sep/25
CVE-2025-21043
CRITICAL

This vulnerability is an out-of-bounds write occurring in the libimagecodec.quram.so library component of Samsung Mobile Devices. The root cause is improper bounds checking during image codec processing, which allows memory corruption by writing data outside the allocated buffer. This flaw exists in versions of the Android OS on Samsung devices prior to the SMR September 2025 Release 1.

CVSS 9.8
EPSS 1.4%
KEV Pred 76%
Product Samsung Mobile Devices samsung
CVSS v3.1 KEV CWE-787
29 Aug/25
CVE-2025-9377
HIGH

This vulnerability is an authenticated remote command injection in the Parental Control feature of TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9 firmware. The root cause lies in improper input validation on the Parental Control page, allowing shell commands to be injected and executed with elevated privileges. The flaw resides specifically in the firmware component handling user inputs on the Parental Control management interface.

CVSS 7.2
EPSS 11.7%
KEV Pred 71%
Product TP-Link Systems Inc. Archer C7(EU) V2 tp-link
CVSS v3.1 CVSS v4.0 KEV CWE-78
14 Aug/25
CVE-2025-8876
HIGH

This vulnerability is a command injection flaw caused by improper input validation in N-able N-central. The root cause lies in the failure to sanitize user-supplied inputs in specific components, enabling crafted inputs to be interpreted as operating system commands. The affected component is the N-central management platform prior to version 2025.3.1, where input handling mechanisms do not adequately restrict command execution vectors.

CVSS 8.8
EPSS 3.2%
KEV Pred 53%
Product N-able N-central n-able
CVSS v3.1 CVSS v4.0 KEV CWE-20
05 Aug/25
CVE-2025-54948
CRITICAL

This vulnerability is a command injection flaw rooted in insufficient input validation within the Trend Micro Apex One on-premise management console. The flaw allows unauthenticated remote attackers to upload and execute arbitrary code by exploiting the console's file upload handling mechanism. The affected component is the management console interface responsible for processing incoming requests without proper authentication checks or sanitization.

CVSS 9.8
EPSS 20.8%
KEV Pred 72%
Product Trend Micro, Inc. Trend Micro Apex One trend
CVSS v3.1 KEV CWE-78
24 Jun/25
CVE-2025-32975
CRITICAL

This vulnerability is an authentication bypass caused by improper validation in the Single Sign-On (SSO) authentication mechanism of Quest KACE Systems Management Appliance (SMA). The root cause lies in the flawed handling of authentication tokens or session states, allowing the system to incorrectly grant access without verifying legitimate credentials. The affected component is the SSO authentication handler across multiple SMA software versions prior to specified patch levels.

CVSS 10.0
EPSS 2.4%
KEV Pred 20%
Product Quest KACE Systems Management Appliance (SMA) quest
CVSS v3.1 KEV CWE-287
23 Jun/25
CVE-2025-48700
MEDIUM

This vulnerability is a Cross-Site Scripting (XSS) flaw rooted in insufficient sanitization of HTML content within the Zimbra Classic UI. The issue arises from improper handling of crafted tag structures and attribute values that include @import directives and other script injection vectors. The affected component is the Classic UI rendering engine that processes email message content, failing to neutralize malicious JavaScript payloads embedded in email bodies.

CVSS 6.1
EPSS 1.8%
KEV Pred 57%
Product synacor zimbra collaboration suite synacor
CVSS v3.1 KEV CWE-79
16 Jun/25
CVE-2025-43200
MEDIUM

This vulnerability is a logic flaw in the media processing component of Apple iOS and iPadOS, specifically when handling photos or videos shared via iCloud Link. The root cause lies in insufficient validation and improper processing logic for maliciously crafted media files, leading to incorrect handling of input data within the media parsing routines. This flaw affects the media handling subsystem across multiple Apple operating systems including iOS, iPadOS, macOS, visionOS, and watchOS.

CVSS 4.2
EPSS 1.0%
KEV Pred 78%
Product Apple iOS and iPadOS apple
CVSS v3.1 KEV
03 Jun/25
CVE-2025-27038
HIGH

This vulnerability is a use-after-free memory corruption occurring within the Adreno GPU driver component used by Qualcomm Snapdragon devices. The flaw arises from improper management of memory objects during graphics rendering operations in the Chrome environment, specifically related to the handling of GPU command buffers. The affected component is the Adreno GPU driver firmware across multiple Qualcomm firmware versions, leading to unsafe memory access conditions.

CVSS 7.5
EPSS 0.8%
KEV Pred 64%
Product Qualcomm, Inc. Snapdragon qualcomm,
CVSS v3.1 KEV CWE-416
28 May/25
CVE-2025-48927
MEDIUM

This vulnerability is an information disclosure flaw stemming from an exposed heap dump endpoint in the TeleMessage service's Spring Boot Actuator configuration. The root cause is the unsecured exposure of the /heapdump URI, which allows unauthenticated access to JVM heap memory dumps. The affected component is the Spring Boot Actuator's heap dump feature within TeleMessage service versions prior to 2025-05-05.

CVSS 5.3
EPSS 8.5%
KEV Pred 72%
Product TeleMessage service telemessage
CVSS v3.1 KEV CWE-1188
13 May/25
CVE-2025-42999
CRITICAL

This vulnerability is a deserialization flaw in the SAP NetWeaver Visual Composer Metadata Uploader component. The root cause is improper validation and handling of serialized metadata content uploaded by privileged users, allowing untrusted or malicious data to be deserialized. This flaw affects the Visual Composer development server within SAP NetWeaver 7.5, specifically the metadata upload functionality that processes serialized input without sufficient integrity checks.

CVSS 9.1
EPSS 11.2%
KEV Pred 65%
Product SAP_SE SAP NetWeaver (Visual Composer development server) sap_se
CVSS v3.1 KEV CWE-502
08 May/25
CVE-2025-47729
MEDIUM

The vulnerability is an information exposure flaw caused by the TeleMessage archiving backend storing message data in cleartext form. This occurs within the backend component responsible for archiving messages from the TM SGNL (Archive Signal) application. The root cause is the backend's failure to apply end-to-end encryption to archived messages, contrary to the documented encryption claims.

CVSS 4.9
EPSS 0.4%
KEV Pred 67%
Product TeleMessage archiving backend telemessage
CVSS v3.1 KEV CWE-912
07 May/25
CVE-2025-35939
MEDIUM

This vulnerability is a server-side file injection issue rooted in improper handling of session data in Craft CMS. The system stores arbitrary content from unauthenticated users directly into session files located on the server without sanitization. The affected component is the session management mechanism that writes user-supplied return URLs into session files named with predictable patterns under '/var/lib/php/sessions'.

CVSS 5.3
EPSS 1.1%
KEV Pred 62%
Product Craft CMS craft
CVSS v3.1 CVSS v4.0 KEV CWE-472
05 May/25
CVE-2025-27920
HIGH

This vulnerability is a directory traversal flaw caused by improper sanitization of file path parameters in Srimax Output Messenger versions prior to 2.0.63. The affected component fails to correctly validate or normalize user-supplied input containing "../" sequences, allowing traversal outside the intended directory scope. This weakness resides in the file handling routines responsible for managing resource access within the messaging application.

CVSS 8.8
EPSS 1.8%
KEV Pred 70%
Product Srimax Output Messenger srimax
CVSS v3.1 KEV CWE-24 RANSOMWARE
25 Apr/25
CVE-2025-3935
HIGH

This vulnerability is a ViewState code injection issue affecting ASP.NET Web Forms used by ConnectWise ScreenConnect versions 25.2.3 and earlier. The root cause lies in the reliance on ViewState, which encodes page and control state data in Base64 and protects it using machine keys. If an attacker obtains these machine keys, they can craft malicious ViewState payloads that the server deserializes, leading to code injection via the ViewState mechanism.

CVSS 7.2
EPSS 3.3%
KEV Pred 64%
Product ConnectWise ScreenConnect connectwise
CVSS v3.1 KEV CWE-502
25 Apr/25
CVE-2025-3928
HIGH

This vulnerability is a remote authenticated code execution flaw in the Commvault Web Server caused by improper input validation allowing attackers to upload and execute malicious webshells. The root cause lies in the webserver's failure to restrict file upload or execution permissions, enabling crafted requests to deploy arbitrary code. The affected component is the webserver module handling file creation and execution on both Windows and Linux platforms.

CVSS 8.8
EPSS 1.9%
KEV Pred 73%
Product Commvault Web Server commvault
CVSS v3.1 CVSS v4.0 KEV
18 Apr/25
CVE-2025-42599
CRITICAL

The vulnerability is a stack-based buffer overflow in QUALITIA CO., LTD. Active! mail 6, specifically in BuildInfo versions 6.60.05008561 and earlier. The root cause lies in improper bounds checking when processing incoming requests, allowing excessive data to overwrite stack memory. This flaw affects the request handling component of the Active! mail 6 server, enabling memory corruption through crafted input.

CVSS 9.8
EPSS 3.1%
KEV Pred 70%
Product QUALITIA CO., LTD. Active! mail 6 qualitia
CVSS v3.1 KEV CWE-121
16 Apr/25
CVE-2025-31201
CRITICAL

This vulnerability is a bypass of Pointer Authentication implemented in Apple operating systems. The root cause lies in the presence of vulnerable code that allows an attacker with arbitrary memory read and write capabilities to circumvent the integrity checks enforced by Pointer Authentication. The affected components include Apple iOS, iPadOS, macOS Sequoia, tvOS, and visionOS, where Pointer Authentication is used to protect against memory corruption attacks.

CVSS 9.8
EPSS 12.8%
KEV Pred 73%
Product Apple iOS and iPadOS apple
CVSS v3.1 KEV CWE-1220
24 Mar/25
CVE-2025-2749
HIGH

This vulnerability is an authenticated path traversal and arbitrary file upload flaw in Kentico Xperience's Staging Sync Server component. The root cause lies in insufficient validation of user-supplied file paths during the upload process, allowing traversal to unintended directories. This improper sanitization enables attackers to place files outside the intended storage location, including executable content, within affected versions through 13.0.178.

CVSS 7.2
EPSS 3.9%
KEV Pred 64%
Product Kentico Xperience kentico
CVSS v3.1 KEV CWE-22
19 Mar/25
CVE-2025-30154
HIGH

The vulnerability is a supply chain compromise involving the reviewdog/action-setup GitHub Action, where malicious code was injected into the version v1 of the action. The root cause is unauthorized modification of the action's source code repository, resulting in the inclusion of code that exfiltrates secrets. This affects the reviewdog/action-setup component and all other reviewdog GitHub Actions that depend on reviewdog/action-setup@v1, regardless of version pinning.

CVSS 8.6
EPSS 2.3%
KEV Pred 56%
Product reviewdog reviewdog
CVSS v3.1 KEV CWE-506
12 Mar/25
CVE-2025-27915
MEDIUM

This vulnerability is a stored cross-site scripting (XSS) flaw arising from insufficient sanitization of HTML content within ICS calendar files processed by the Classic Web Client of Zimbra Collaboration Suite versions 9.0, 10.0, and 10.1. The root cause lies in the improper handling of embedded JavaScript triggered by the ontoggle event inside the <details> HTML tag when rendering ICS file contents in email messages. This flaw affects the email rendering component responsible for displaying calendar invitations and related ICS data.

CVSS 5.4
EPSS 4.2%
KEV Pred 69%
Product Synacor Zimbra Collaboration Suite (ZCS) synacor
CVSS v3.1 KEV CWE-79
11 Mar/25
CVE-2025-24984
MEDIUM

This vulnerability is an information disclosure issue caused by improper handling of sensitive data within the Windows NTFS logging mechanism. Specifically, sensitive information is inserted into log files without adequate protection or sanitization. The flaw resides in the logging component of Microsoft Windows 10 versions 1507, 1607, and 1809, affecting both x64 and x86 architectures, allowing unauthorized physical access to retrieve sensitive data from logs.

CVSS 4.6
EPSS 1.8%
KEV Pred 85%
Product Microsoft Windows 10 Version 1507 microsoft
CVSS v3.1 KEV CWE-532 RANSOMWARE
19 Feb/25
CVE-2025-24989
CRITICAL

This vulnerability is an improper access control flaw within Microsoft Power Pages, specifically affecting the user registration control mechanism. The root cause lies in the failure to enforce proper authorization checks on registration-related network requests, enabling unauthorized privilege escalation. The affected component is the registration control feature of Power Pages that manages user sign-up and access permissions.

CVSS 9.8
EPSS 1.7%
KEV Pred 64%
Product Microsoft Power Pages microsoft
CVSS v3.1 KEV CWE-284 RANSOMWARE
12 Feb/25
CVE-2025-0111
MEDIUM

This vulnerability is an authenticated file read flaw in Palo Alto Networks PAN-OS software, specifically affecting the management web interface component. The root cause lies in improper access control allowing an authenticated user with network access to read arbitrary files on the PAN-OS filesystem that are accessible by the "nobody" user. The flaw arises from insufficient restrictions on file read operations within the management interface's authentication context.

CVSS 6.5
EPSS 1.9%
KEV Pred 64%
Product Palo Alto Networks Cloud NGFW palo
CVSS v3.1 CVSS v4.0 KEV CWE-73
11 Feb/25
CVE-2025-24472
HIGH

This vulnerability is an authentication bypass caused by improper validation of Security Fabric proxy requests in Fortinet FortiOS and FortiProxy products. The flaw arises from the acceptance of crafted CSF proxy requests that exploit knowledge of upstream and downstream device serial numbers. The affected component is the Security Fabric integration feature, which fails to enforce proper authentication controls between devices, enabling unauthorized privilege escalation.

CVSS 8.1
EPSS 3.0%
KEV Pred 70%
Product Fortinet FortiProxy fortinet
CVSS v3.1 KEV CWE-288 RANSOMWARE
10 Feb/25
CVE-2025-24200
MEDIUM

This vulnerability is an authorization bypass caused by improper state management within Apple iOS and iPadOS. The flaw affects the USB Restricted Mode feature on locked devices, allowing physical manipulation to disable its protections. The root cause lies in insufficient enforcement of authorization checks controlling USB access state transitions under locked conditions.

CVSS 6.1
EPSS 4.4%
KEV Pred 71%
Product Apple iOS and iPadOS apple
CVSS v3.1 KEV CWE-863
04 Feb/25
CVE-2024-40891
HIGH

This vulnerability is a post-authentication command injection affecting the legacy DSL CPE Zyxel VMG4325-B10A firmware. The root cause lies in improper input validation within the management command interface accessible via Telnet, allowing injection of arbitrary OS commands. The affected component is the firmware's management command processing module, which fails to sanitize user-supplied input before execution.

CVSS 8.8
EPSS 19.7%
KEV Pred 52%
Product Zyxel VMG4325-B10A firmware zyxel
CVSS v3.1 KEV CWE-78
04 Feb/25
CVE-2024-40890
HIGH

This vulnerability is a post-authentication command injection affecting the CGI program within the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615. The root cause lies in insufficient input validation of HTTP POST parameters, allowing crafted input to be interpreted as operating system commands. The affected component is the device's web-based management interface handling CGI requests.

CVSS 8.8
EPSS 20.1%
KEV Pred 53%
Product Zyxel VMG4325-B10A firmware zyxel
CVSS v3.1 KEV CWE-78
03 Feb/25
CVE-2024-57968
HIGH

The vulnerability is an improper file upload control in Advantive VeraCore versions prior to 2024.4.2.1, specifically involving the upload.aspx component. The root cause is insufficient validation of the destination directory during file upload operations, allowing authenticated users to place files into arbitrary folders. This flaw affects the web application's file handling mechanism, enabling manipulation of file storage paths beyond intended restrictions.

CVSS 8.8
EPSS 30.5%
KEV Pred 70%
Product Advantive VeraCore advantive
CVSS v3.1 KEV CWE-434
23 Jan/25
CVE-2025-23006
CRITICAL

This vulnerability is a pre-authentication deserialization flaw rooted in improper handling of untrusted data within the SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC). The deserialization process fails to validate or sanitize input before reconstructing objects, enabling arbitrary code execution through crafted serialized payloads. The affected components include the SMA1000 management interfaces responsible for processing serialized data from remote connections.

CVSS 9.8
EPSS 23.4%
KEV Pred 73%
Product SonicWall SMA1000 sonicwall
CVSS v3.1 KEV CWE-502 RANSOMWARE
18 Jan/25
CVE-2025-23209
HIGH

This vulnerability is a remote code execution flaw rooted in improper handling of user-supplied input that allows unsafe evaluation of code within the Craft CMS environment. The vulnerability arises when the security key, which is used for cryptographic operations and integrity checks, has been compromised. The affected component is the Craft CMS versions 4 and 5 prior to specific patched releases, where the compromised key enables exploitation of the code evaluation mechanism.

CVSS 8.1
EPSS 4.7%
KEV Pred 64%
Product craftcms cms craftcms
CVSS v3.1 KEV CWE-94
15 Jan/25
CVE-2024-57728
HIGH

This vulnerability is a path traversal and arbitrary file upload flaw rooted in improper validation of zip archive contents within the SimpleHelp remote support software. The server component responsible for handling admin-uploaded zip files fails to sanitize file paths inside the archive, enabling crafted zip entries to escape intended directories. This zip slip flaw affects versions 5.5.7 and earlier, specifically the file upload processing logic in the administrative interface.

CVSS 7.2
EPSS 7.5%
KEV Pred 60%
Product N/A
CVSS v3.1 KEV CWE-59 RANSOMWARE
Page 1 of 5 (230 total)