2025-10-13
2025-10-13 13:15Z
CRIT

CVE-2025-6919 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6919

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cats Information Technology Software Development Technologies Aykome License Tracking System allows SQL Injection. This issue affects Aykome License Tracking System: before Version dated 06.10.2025. CVSSv3.1 9.8 (CRITICAL) · EPSS 12th percentile

CWECWE 89TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-10
2025-10-10 17:15Z
CRIT

CVE-2025-60306 — Code-projects Simple_car_rental_system: Simple Car Rental System 1.0 has a permission bypass issue where low privilege

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60306

code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations. CVSSv3.1 9.9 (CRITICAL) · EPSS 30th percentile

CWECWE 287CWECWE 284VNDSimpleVNDCode ProjectsTYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2025-10-10
2025-10-10 16:15Z
CRIT

CVE-2025-60307 — Carmelo Computer_laboratory_system: code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60307

code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts. CVSSv3.1 9.8 (CRITICAL) · EPSS 34th percentile

CWECWE 89VNDCarmeloVNDComputerTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-10
2025-10-10 16:15Z
HIGH

CVE-2025-60305 — Senior-walter Online_student_clearance_system: SourceCodester Online Student Clearance System 1.0 is vulnerable to Incorrect Access Control.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60305

SourceCodester Online Student Clearance System 1.0 is vulnerable to Incorrect Access Control. The application contains a logic flaw which allows low privilege users can forge high privileged sessions and perform sensitive operations. CVSSv3.1 8.8 (HIGH) · EPSS 32th percentile

CWECWE 284VNDSenior WalterVNDSourcecodesterTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-10-10
2025-10-10 15:16Z
HIGH

CVE-2025-60378 — Fairsketch Rise_ultimate_project_manager: Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60378

Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content renders in emails, PDFs, and messaging/chat modules sent to clients or team members, enabling phishing, credential theft, and business email compromise. Automated recurring invoices and messaging amplify the risk by distributing malicious content to multiple recipients. CVSSv3.1 8.1 (HIGH) · EPSS 61th percentile

CWECWE 79VNDStoredVNDFairsketchTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-10-10
2025-10-10 10:15Z
HIGH

CVE-2025-52650 — Hcltech Aion: Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52650

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0 CVSSv3.1 8.2 (HIGH) · EPSS 11th percentile

CWECWE 1032VNDHcltechVNDInlineTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-10-09
2025-10-09 08:15Z
CRIT

CVE-2025-11522 — Search: The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-11522

The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the search_and_go_elated_check_facebook_user() function This makes it possible for unauthenticated attackers to gain access to other user's accounts, including administrators, when Facebook login is enabled. CVE-2025-62064 is likely a duplicate of this CVE. CVSSv3.1 9.8 (CRITICAL)

CWECWE 288VNDSearchTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-10-09
2025-10-09 00:00Z
CRIT

RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits

Trend Micro and ZDI researchers identified a large-scale RondoDox botnet campaign actively exploiting over 50 vulnerabilities across 30+ vendors since mid-2025, including flaws first disclosed at Pwn2Own competitions. The campaign uses a "shotgun" approach targeting internet-exposed routers, DVRs, NVRs, CCTV systems, and web servers with command-injection exploits, deploying multiarchitecture payloads and co-packaging with Mirai/Morte variants. Multiple CVEs are now in CISA's Known Exploited Vulnerabilities catalog, with evidence of rapid growth via loader-as-a-service infrastructure.

TACTA0001TACTA0002SRFNetworkSRFNetwork ApplianceTACTA0003VNDTp LinkVNDApacheVNDCisco
82
Edit Score
2025-10-09
2025-10-09 00:00Z
CRIT

Weaponized AI Assistants & Credential Thieves

Trend Micro Research·trendmicro.comin the wild

Trend Micro documents two escalating NPM supply-chain attacks: 's1ngularity' malware that weaponizes local AI CLI tools (Gemini, Claude) to harvest credentials via prompt injection, followed by 'Shai-Hulud', a self-propagating worm that compromises maintainer accounts and uses TruffleHog to locate publishing tokens, then automatically republishes infected packages across 187+ packages including CrowdStrike developer tools. The attacks demonstrate a shift toward fully automated, token-driven supply-chain propagation requiring no human intervention after initial compromise.

SRFApplicationTACTA0001TACTA0006TACTA0007SRFSupply ChainVNDGoogleVNDAnthropicVNDCrowdstrike
92
Edit Score
2025-10-08
2025-10-08 19:15Z
HIGH

CVE-2025-57457 — Command: An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-57457

An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter. CVSSv3.1 8.8 (HIGH) · EPSS 63th percentile

CWECWE 78VNDCommandTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-10-08
2025-10-08 13:12Z
CRIT

ResourcePoison — Writeup and exploit for CVE-2025-22441: Privilege escalation from installed app to SystemUI process on Android due to pa

GitHub · LPE exploits·github.comGITHUB POCCVE-2025-22441

ResourcePoison is a privilege escalation exploit for CVE-2025-22441 affecting Android, allowing an installed app to achieve code execution within the SystemUI process via untrusted ApplicationInfo passed through RemoteViews. The vulnerability stems from LoadedApk.checkAndUpdateApkPaths() accepting attacker-controlled ApplicationInfo objects from RemoteViews without validation, enabling resource replacement and arbitrary code loading through a race condition during WebView initialization. The exploit chains resource manipulation with WebView loading to achieve RCE in SystemUI, bypassing normal permission boundaries.

SRFOsTACTA0004SRFMobileTYPWriteupTYPExploitSTGPrivescSTGExecutionTECT1548
92
Edit Score
2025-10-08
2025-10-08 12:00Z
HIGH

APT Meets GPT: Targeted Operations with Untamed LLMs

Volexity·volexity.comin the wild

Volexity disclosed a sustained spear-phishing campaign by China-aligned APT UTA0388 (tracked as UNK_DropPitch by Proofpoint) running from June–September 2025, delivering the GOVERSHELL backdoor via DLL search-order hijacking. The threat actor evolved five distinct malware variants with progressively sophisticated C2 mechanisms (fake TLS → AES → HTTPS polling → WebSocket → beacon-style), and OpenAI confirmed UTA0388 leveraged ChatGPT for phishing content generation and malware development. The campaign employed rapport-building phishing, multi-language targeting, and cloud-hosted payload delivery across North America, Asia, and Europe.

SRFApplicationSRFOsTACTA0005TACTA0001TACTA0002TACTA0003TACTA0011VNDOpenai
82
Edit Score
2025-10-08
2025-10-08 00:00Z
HIGH

How Your AI Chatbot Can Become a Backdoor

Trend Micro Research·trendmicro.com

Trend Micro published a detailed attack chain demonstrating how LLM-powered chatbots can be weaponized as backdoors through a multi-stage exploitation sequence: initial information disclosure via error messages, indirect prompt injection via third-party data sources, system prompt leakage, excessive API permissions, command injection, and lateral movement into infrastructure. The research maps vulnerabilities to OWASP LLM Top 10 (LLM01, LLM02, LLM05, LLM06, LLM07, LLM08) and illustrates how seemingly minor AI security gaps chain into full infrastructure compromise.

SRFApplicationTACTA0004TACTA0001TACTA0002TACTA0007TACTA0009SRFAiVNDTrend Micro
68
Edit Score
2025-10-08
2025-10-08 00:00Z
CRIT

A Cascade of Insecure Architectures: Axis Plugin Design Flaw Expose Select Autodesk Revit Users to Supply Chain Risk

Trend Micro Research·trendmicro.comZDI-24-1181ZDI-24-1328ZDI-24-1329ZDI-25-858

Trend Micro discovered hardcoded Azure Storage Account credentials (SAS tokens and access keys) embedded in signed DLLs within Axis Communications' Autodesk Revit plugin, exposing MSI installers and RFA model files to unauthorized modification. Combined with multiple RCE vulnerabilities in Autodesk Revit's RFA file parser, attackers could have poisoned the storage account to deliver malicious installers or crafted model files, enabling mass supply-chain compromise of Axis customers. Axis patched the issue across multiple iterations (versions 25.3.710, 25.3.711, and final fix in 25.3.718), but initial patches used obfuscation and retained overly permissive credentials before implementing least-privilege SAS tokens.

SRFApplicationTACTA0001TACTA0006SRFCloudVNDAutodeskVNDAxis CommunicationsTYPResearchTYPVulnerability
82
Edit Score
2025-10-07
2025-10-07 12:15Z
CRIT

CVE-2025-0603 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-0603

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Callvision Healthcare Callvision Emergency Code allows SQL Injection, Blind SQL Injection. This issue affects Callvision Emergency Code: before V3.0. CVSSv3.1 9.8 (CRITICAL) · EPSS 12th percentile

CWECWE 89TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-06
2025-10-06 17:16Z
CRIT

CVE-2025-60965 — Endruntechnologies Sonoma_d12_firmware: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60965

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. CVSSv3.1 9.1 (CRITICAL) · EPSS 74th percentile

CWECWE 78VNDCommandVNDEndruntechnologiesTYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2025-10-06
2025-10-06 17:16Z
CRIT

CVE-2025-60964 — Endruntechnologies Sonoma_d12_firmware: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60964

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, gain sensitive information, and possibly other unspecified impacts. CVSSv3.1 9.1 (CRITICAL) · EPSS 73th percentile

CWECWE 78VNDCommandVNDEndruntechnologiesTYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2025-10-06
2025-10-06 17:16Z
HIGH

CVE-2025-60963 — Endruntechnologies Sonoma_d12_firmware: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60963

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. CVSSv3.1 8.2 (HIGH) · EPSS 64th percentile

CWECWE 78VNDCommandVNDEndruntechnologiesTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-10-06
2025-10-06 17:16Z
HIGH

CVE-2025-60962 — Endruntechnologies Sonoma_d12_firmware: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60962

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information, and possibly other unspecified impacts. CVSSv3.1 8.2 (HIGH) · EPSS 59th percentile

CWECWE 78VNDCommandVNDEndruntechnologiesTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-10-06
2025-10-06 17:16Z
HIGH

CVE-2025-60960 — Endruntechnologies Sonoma_d12_firmware: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60960

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. CVSSv3.1 8.2 (HIGH) · EPSS 64th percentile

CWECWE 78VNDCommandVNDEndruntechnologiesTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-10-06
2025-10-06 17:16Z
HIGH

CVE-2025-60959 — Endruntechnologies Sonoma_d12_firmware: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60959

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to gain sensitive information. CVSSv3.1 8.2 (HIGH) · EPSS 59th percentile

CWECWE 78VNDCommandVNDEndruntechnologiesTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-10-06
2025-10-06 17:16Z
CRIT

CVE-2025-60957 — Endruntechnologies Sonoma_d12_firmware: OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60957

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. CVSSv3.1 9.9 (CRITICAL) · EPSS 73th percentile

CWECWE 78VNDCommandVNDEndruntechnologiesTYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2025-10-06
2025-10-06 17:16Z
HIGH

CVE-2025-60956 — Endruntechnologies Sonoma_d12_firmware: Cross Site Request Forgery (CSRF) vulnerability in EndRun Technologies Sonoma D12 Network Time Server

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60956

Cross Site Request Forgery (CSRF) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and gain sensitive information. CVSSv3.1 8.0 (HIGH) · EPSS 11th percentile

CWECWE 352VNDEndruntechnologiesTYPVulnerability
8.0
CVSS v3.1
90
Edit Score
2025-10-04
2025-10-04 08:15Z
CRIT

CVE-2025-39946 — Linux Linux_kernel: In the Linux kernel, the following vulnerability has been resolved: tls: make sure to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-39946

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent connection stalls. Make sure that we abort the connection when we find out late that the record is actually invalid. Retrying the parsing is fine in itself but since we copy some more data CVSSv3.1 9.8 (CRITICAL)

TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-10-04
2025-10-04 03:15Z
HIGH

CVE-2025-9243 — Cost: The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorizedmodification of data due

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-9243

The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorizedmodification of data due to a missing capability check on the get_cc_orders and update_order_status functions in all versions up to, and including, 3.5.32. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access order management functions and modify order status. CVSSv3.1 8.1 (HIGH)

CWECWE 862VNDCostTYPVulnerability
8.1
CVSS v3.1
91
Edit Score