2025-12-17
2025-12-17 23:16Z
HIGH

CVE-2025-68143 — Lfprojects Model_context_protocol_servers: Model Context Protocol Servers is a collection of reference implementations for the model context

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68143

Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). In mcp-server-git versions prior to 2025.9.25, the git_init tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other tools which required an existing repository, git_init could operate on any directory accessible to the server process, making those directories eligible for subsequent git operations. CVSSv3.1 8.8 (HIGH)

CWECWE 22VNDLfprojectsVNDModelTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-17
2025-12-17 14:00Z
HIGH

MITRE AADAPT Framework as a Red Team Roadmap

Bishop Fox Labs·bishopfox.com

Bishop Fox publishes a practical guide to operationalizing MITRE's AADAPT (Adversarial Actions in Digital Asset Payment Techniques) framework through red teaming. The article maps value flows in tokenized systems, aligns attack scenarios to AADAPT tactics, and provides four concrete offensive test templates (flash-loan manipulation, oracle poisoning, signing abuse, cross-chain evasion) with telemetry collection and purple-team validation methodology.

TACTA0005TACTA0001TACTA0002TACTA0006TACTA0003SRFCloudTACTA0043TYPResearch
72
Edit Score
2025-12-16
2025-12-16 18:16Z
HIGH

CVE-2023-53900 — Spip Spip: 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-53900

Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering. CVSSv3.1 8.8 (HIGH) · EPSS 18th percentile

CWECWE 79VNDSpipTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-16
2025-12-16 17:16Z
CRIT

CVE-2023-53899 — Podcastgenerator Podcast_generator: 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-53899

PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Attackers can manipulate the 'shortdesc' parameter to trigger external HTTP requests to arbitrary endpoints during podcast episode creation. CVSSv3.1 9.8 (CRITICAL)

CWECWE 918VNDPodcastgeneratorTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-12-16
2025-12-16 16:15Z
CRIT

CVE-2025-65319 — Blixhq Bluemail: When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-65319

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software. CVSSv3.1 9.1 (CRITICAL) · EPSS 38th percentile

CWECWE 693VNDBlixhqTYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2025-12-16
2025-12-16 16:15Z
CRIT

CVE-2025-65318 — Canarymail Canary_mail: When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-65318

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software. CVSSv3.1 9.1 (CRITICAL) · EPSS 38th percentile

CWECWE 693VNDCanarymailTYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2025-12-16
2025-12-16 12:00Z
MED

Use GWP-ASan to detect exploits in production environments

Trail of Bits·blog.trailofbits.com

Trail of Bits details GWP-ASan (Guarded Pool Allocator with AddressSanitizer), a sampling-based memory sanitizer that detects heap memory safety bugs—use-after-free, double-free, buffer overflows—in production with near-zero performance overhead by instrumenting only a fraction of allocations with guard pages. The post explains the technical mechanics, deployment across major projects (Chrome, Firefox, Android, WebKit), and provides practical guidance on integration using LLVM's Scudo allocator with performance benchmarks.

SRFApplicationTYPResearchTYPToolSTGDefense EvasionEXPHeap OverflowEXPUaf
62
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-12-16
2025-12-16 09:16Z
HIGH

CVE-2025-68056 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68056

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LBG Zoominoutslider lbg_zoominoutslider allows SQL Injection.This issue affects LBG Zoominoutslider: from n/a through <= 5.4.4. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-12-16
2025-12-16 09:16Z
HIGH

CVE-2025-68055 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68055

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through <= 1.1.32. CVSSv3.1 8.5 (HIGH) · EPSS 18th percentile

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-12-16
2025-12-16 09:16Z
HIGH

CVE-2025-68054 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68054

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown With Image or Video Background countdown_with_background allows Blind SQL Injection.This issue affects CountDown With Image or Video Background: from n/a through <= 1.5. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-12-16
2025-12-16 09:16Z
HIGH

CVE-2025-68053 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68053

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup xPromoter top_bar_promoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through <= 1.3.4. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-12-16
2025-12-16 09:15Z
HIGH

CVE-2025-67950 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-67950

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through <= 4.9.1. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-12-16
2025-12-16 09:05Z
MED

v3.6.1

Nuclei releases·github.com

Nuclei v3.6.1 released with bug fixes addressing HTTP request body loss on retries/redirects, segmentation faults in headless initialization, data races in page history reading, and memory optimization improvements. The release includes dependency updates and documentation corrections across multiple modules.

SRFApplicationVNDProjectdiscoveryTYPTool
45
Edit Score
2025-12-16
2025-12-16 09:00Z
CRIT

Thinking Outside The Box [dusted off draft from 2017]

Project Zero·googleprojectzero.blogspot.comCVE-2017-3558

Project Zero publishes a 2017 draft detailing exploitation of CVE-2017-3558 in VirtualBox's Slirp NAT networking stack. The vulnerability stems from untrusted IP packet length fields overwriting buffer metadata, enabling out-of-bounds heap reads and writes that culminate in arbitrary code execution on the host via a memcpy() gadget chain and GOT corruption to leak and call system().

SRFApplicationTACTA0002VNDVirtualboxTYPResearchTYPWriteupSTGExecutionSTGInitial AccessTECT1190
82
Edit Score
2025-12-15
2025-12-15 21:15Z
HIGH

CVE-2023-53888 — Zomp Zomplog: 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-53888

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and rename actions in the application. CVSSv3.1 8.8 (HIGH) · EPSS 76th percentile

CWECWE 94VNDZompVNDZomplogTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-15
2025-12-15 17:15Z
HIGH

CVE-2025-11393 — This allows a standard user within the cluster to send unauthorized commands to the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-11393

A flaw was found in runtimes-inventory-rhel8-operator. An internal proxy component is incorrectly configured. Because of this flaw, the proxy attaches the cluster's main administrative credentials to any command it receives, instead of only the specific reports it is supposed to handle. This allows a standard user within the cluster to send unauthorized commands to the management platform, effectively acting with the full permissions of the cluster administrator. This could CVSSv3.1 8.7 (HIGH) · EPSS 12th percentile

CWECWE 441TYPVulnerability
8.7
CVSS v3.1
94
Edit Score
2025-12-15
2025-12-15 16:15Z
HIGH

CVE-2024-44599 — Fntsoftware Fnt_command: FNT Command 13.4.0 is vulnerable to Directory Traversal.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-44599

FNT Command 13.4.0 is vulnerable to Directory Traversal. CVSSv3.1 8.3 (HIGH) · EPSS 34th percentile

CWECWE 434VNDFntsoftwareVNDFntTYPVulnerability
8.3
CVSS v3.1
92
Edit Score
2025-12-15
2025-12-15 16:15Z
HIGH

CVE-2024-44598 — Fntsoftware Fnt_command: FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-44598

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module. CVSSv3.1 8.8 (HIGH) · EPSS 27th percentile

CWECWE 434VNDFntsoftwareVNDFntTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-13
2025-12-13 16:16Z
HIGH

CVE-2025-14476 — Doubly: The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-14476

The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.46 via deserialization of untrusted input from the content.txt file within uploaded ZIP archives. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to execute arbitrary code, delete files, retrieve sensitiv CVSSv3.1 8.8 (HIGH)

CWECWE 502VNDDoublyTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-13
2025-12-13 16:16Z
CRIT

CVE-2025-14440 — JAY: The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-14440

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jay_login_register_process_switch_back' function with the 'jay_login_register_process_switch_back' cookie value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. CVSSv3.1 9.8 (CRITICAL)

CWECWE 565VNDJayTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-12-12
2025-12-12 16:15Z
CRIT

CVE-2025-65854 — Mineadmin Mineadmin: Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-65854

Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute arbitrary commands and execute a full account takeover. CVSSv3.1 9.8 (CRITICAL) · EPSS 37th percentile

CWECWE 94VNDMineadminTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-12-12
2025-12-12 16:15Z
HIGH

CVE-2025-65530 — Cloudlinux Ai-bolit: An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-65530

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file. CVSSv3.1 8.8 (HIGH) · EPSS 21th percentile

CWECWE 95VNDCloudlinuxTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-12
2025-12-12 13:15Z
HIGH

CVE-2025-13506 — Execution: Nebim V3 ERP allows Expanding Control over the Operating System from the Database.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-13506

Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database. This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1. CVSSv3.1 8.8 (HIGH) · EPSS 26th percentile

CWECWE 250VNDExecutionTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-12
2025-12-12 12:00Z
HIGH

Catching malicious package releases using a transparency log

Trail of Bits·blog.trailofbits.com

Trail of Bits released rekor-monitor, a production-ready tool for monitoring Sigstore's Rekor transparency log to detect unauthorized package releases and compromised signing identities. The work, funded by OpenSSF, adds Rekor v2 support, certificate validation, TUF integration, and GitHub Actions workflows to enable maintainers to detect supply-chain compromises in real-time rather than relying on post-hoc detection.

TACTA0001SRFSupply ChainVNDOpenssfVNDSigstoreTYPResearchTYPToolSTGDefense EvasionSTGInitial Access
72
Edit Score
2025-12-12
2025-12-12 04:15Z
CRIT

CVE-2025-14344 — Multi: The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-14344

The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'plupload_ajax_delete_file' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server. CVSSv3.1 9.8 (CRITICAL)

CWECWE 22VNDMultiTYPVulnerability
9.8
CVSS v3.1
99
Edit Score