2025-10-22
2025-10-22 15:15Z
CRIT

CVE-2025-59007 — Deserialization: of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-59007

Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elementor: from n/a through <= 1.0.1. CVSSv3.1 9.8 (CRITICAL)

CWECWE 502TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-22
2025-10-22 15:15Z
HIGH

CVE-2025-58967 — Thememove Businext: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58967

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through < 2.4.4. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDThememoveTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-10-22
2025-10-22 15:15Z
CRIT

CVE-2025-58963 — Upload: Unrestricted Upload of File with Dangerous Type vulnerability in 7oroof Medcity medcity allows Upload

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58963

Unrestricted Upload of File with Dangerous Type vulnerability in 7oroof Medcity medcity allows Upload a Web Shell to a Web Server.This issue affects Medcity: from n/a through < 1.1.9. CVSSv3.1 10.0 (CRITICAL)

CWECWE 434TYPVulnerability
10.0
CVSS v3.1
100
Edit Score
2025-10-22
2025-10-22 15:15Z
HIGH

CVE-2025-58958 — Thememove Smilepure: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58958

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through < 1.8.5. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDThememoveTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-10-22
2025-10-22 15:15Z
CRIT

CVE-2025-52758 — Upload: Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52758

Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy allows Using Malicious Files.This issue affects Zippy: from n/a through <= 1.7.0. CVSSv3.1 9.1 (CRITICAL)

CWECWE 434TYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2025-10-22
2025-10-22 15:15Z
CRIT

CVE-2025-49931 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-49931

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through <= 3.5.10. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-10-22
2025-10-22 15:15Z
HIGH

CVE-2025-49916 — Authorization: Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-49916

Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23. CVSSv3.1 8.6 (HIGH)

CWECWE 862TYPVulnerability
8.6
CVSS v3.1
93
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-10-22
2025-10-22 15:15Z
CRIT

CVE-2025-49915 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-49915

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.5. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-10-22
2025-10-22 15:15Z
CRIT

CVE-2025-49380 — Deserialization: of Untrusted Data vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Object

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-49380

Deserialization of Untrusted Data vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Object Injection.This issue affects WooCommerce Vehicle Parts Finder: from n/a through <= 3.7. CVSSv3.1 9.8 (CRITICAL)

CWECWE 502TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-22
2025-10-22 15:15Z
HIGH

CVE-2025-49378 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-49378

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through <= 1.1.10. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-10-22
2025-10-22 15:15Z
HIGH

CVE-2025-48091 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-48091

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alexander AnyComment anycomment allows SQL Injection.This issue affects AnyComment: from n/a through <= 0.3.6. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-10-22
2025-10-22 14:15Z
CRIT

CVE-2025-56447 — TM2: Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-56447

TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile

CWECWE 319CWECWE 287VNDTm2TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-22
2025-10-22 10:19Z
CRIT

Pwn2Own Ireland 2025 - Day Two Results

Zero Day Initiative·thezdi.com0day

Pwn2Own Ireland 2025 Day Two concluded with 56 unique 0-day vulnerabilities disclosed across IoT, mobile, and network appliances, awarding $792,750 total. Notable exploits included a Samsung Galaxy S25 RCE chain (5 bugs, $50k), multiple printer/bridge buffer overflows, and an auth-bypass leading to root on Synology NAS. The Summoning Team maintains the Master of Pwn lead heading into Day Three, with a high-value WhatsApp exploit pending.

SRFMobileSRFNetwork ApplianceSRFHardwareVNDAmazonVNDSamsungVNDSynologyVNDCanonVNDQnap
72
Edit Score
2025-10-22
2025-10-22 00:00Z
HIGH

The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns

Trend Micro Research·trendmicro.comCVE-2025-5777

Trend Micro Research documents a novel collaborative model between China-aligned APT groups Earth Estries and Earth Naga, termed "Premier Pass-as-a-Service," where Earth Estries acts as an access broker providing direct network access to Earth Naga for continued exploitation. The report details a Southeast Asian government compromise (January–March 2025) involving CrowDoor, ShadowPad, Cobalt Strike, and post-exploitation tools, and introduces a four-tier framework categorizing APT collaboration types from loose coordination to advanced operational-box provisioning.

SRFApplicationTACTA0001SRFNetworkTACTA0011VNDTrend MicroTYPResearchTYPThreat IntelSTGInitial Access
72
Edit Score
2025-10-21
2025-10-21 14:15Z
HIGH

CVE-2025-11151 — Exposure: of Sensitive Information to an Unauthorized Actor, Exposure of Sensitive System Information to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-11151

Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beyaz Bilgisayar Software Design Industry and Trade Ltd. Co. CityPLus allows Detect Unpublicized Web Pages. This issue affects CityPLus: before V24.29500.1.0. CVSSv3.1 8.2 (HIGH) · EPSS 14th percentile

CWECWE 200CWECWE 497TYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-10-21
2025-10-21 09:26Z
HIGH

Pwn2Own Ireland 2025: Day One Results

Zero Day Initiative·thezdi.com

Pwn2Own Ireland 2025 Day One concluded with 17 successful exploit attempts across 34 unique vulnerabilities, awarding $522,500 in prizes. Researchers demonstrated exploits against network appliances and IoT devices including HP printers, Canon multifunction devices, Synology NAS systems, QNAP storage, Philips Hue bridges, Sonos speakers, and Home Assistant Green, using techniques ranging from stack/heap overflows to SSRF, command injection, and auth bypass chains.

TACTA0004TACTA0002SRFNetwork ApplianceSRFHardwareVNDSynologyVNDCanonVNDQnapVNDHp
72
Edit Score
2025-10-21
2025-10-21 00:00Z
HIGH

Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities

Trend Micro Research·trendmicro.comin the wild

Trend Micro Research disclosed technical analysis of Vidar Stealer 2.0, released October 6, 2025, featuring a complete C-language rewrite, multithreaded architecture, and novel Chrome AppBound encryption bypass via direct memory injection. The malware targets credentials across browsers, cloud services, cryptocurrency wallets, gaming platforms, and communication apps, with activity spiking as threat actors migrate from declining Lumma Stealer operations.

SRFApplicationSRFOsTACTA0006TACTA0007TACTA0009SRFBrowserTACTA0010VNDTrend Micro
72
Edit Score
2025-10-20
2025-10-20 18:12Z
HIGH

Microsoft Windows Cloud Files Minifilter TOCTOU Privilege Escalation

Exodus Intel·blog.exodusintel.comCVE-2025-55680CVE-2020-17136

Microsoft patched CVE-2025-55680, a time-of-check-time-of-use (TOCTOU) race condition in the Cloud Files Minifilter driver (cldflt.sys) discovered in March 2024. The vulnerability exists in HsmpOpCreatePlaceholders() where a filename validation check for backslash and colon characters can be bypassed by modifying a mapped userspace buffer between validation and file creation, allowing arbitrary file creation anywhere on the system via DLL side-loading for privilege escalation.

SRFOsTACTA0004TACTA0005VNDMicrosoftTYPWriteupTYPExploitTYPVulnerabilitySTGPrivesc
78
Edit Score
2025-10-20
2025-10-20 13:15Z
HIGH

CVE-2025-56224 — Ascertia Signinghub: A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-56224

A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack. CVSSv3.1 8.1 (HIGH) · EPSS 37th percentile

CWECWE 307VNDAscertiaTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-10-18
2025-10-18 06:08Z
HIGH

ADCollector — A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and

GitHub · AD attack tooling·github.comGITHUB POC

ADCollector is a C# enumeration tool designed to rapidly extract attack-relevant information from Active Directory environments, including domain trusts, privileged accounts, delegation configurations, ADCS settings, and ACL misconfigurations. The tool focuses on identifying high-value targets and attack vectors without the overhead of comprehensive enumeration, complementing PowerView for initial reconnaissance phases.

SRFOsTACTA0007SRFIdentityTYPToolSTGDiscoverySTGReconTECT1526TECT1087
72
Edit Score
2025-10-17
2025-10-17 19:15Z
CRIT

CVE-2025-56218 — Ascertia Signinghub: An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-56218

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file. CVSSv3.1 9.8 (CRITICAL) · EPSS 47th percentile

CWECWE 434VNDAscertiaTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-17
2025-10-17 16:15Z
CRIT

CVE-2025-57567 — RCE: A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-57567

A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically in the minify.php file located under the default theme directory (/themes/defaut/css/minify.php). An authenticated administrator user can overwrite this file with arbitrary PHP code via the admin panel, enabling execution of system commands. CVSSv3.1 9.1 (CRITICAL) · EPSS 55th percentile

CWECWE 94CWECWE 284VNDRceTYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2025-10-17
2025-10-17 13:00Z
HIGH

Small Actions, Big Breaches: The Silent Offensive Against Your data

Bishop Fox Labs·bishopfox.com

Bishop Fox's Enterprise AI and SaaS Data Security Report reveals that 77% of employees paste sensitive data into unmanaged generative-AI tools, with 82% using personal accounts and 39% uploading files containing PII/PCI. The research reinforces that human behavior—not advanced exploits—remains the primary breach vector, with 60% of breaches involving user error or misuse per Verizon DBIR data.

TACTA0007SRFCloudTACTA0009SRFBrowserSRFAiTYPResearchTYPThreat IntelSTGDiscovery
72
Edit Score
2025-10-17
2025-10-17 05:15Z
CRIT

CVE-2025-11849 — Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-11849

Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0 are vulnerable to Directory Traversal due to the lack of path or file type validation when processing a docx file containing an image with an external link (r:link attribute instead of embedded r:embed). The library resolves the URI to a fil CVSSv3.1 9.3 (CRITICAL) · EPSS 46th percentile

CWECWE 22TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-10-16
2025-10-16 07:15Z
CRIT

CVE-2025-10850 — Felan: The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-10850

The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fb_ajax_login_or_register' function and in the 'google_ajax_login_or_register' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, if they registered with facebook or google social login and did not change their password. CVE-2025-23504 is likely a duplica CVSSv3.1 9.8 (CRITICAL)

CWECWE 798VNDFelanTYPVulnerability
9.8
CVSS v3.1
99
Edit Score