2025-09-16
2025-09-16 13:15Z
HIGH

CVE-2025-10534 — Mozilla Firefox: Spoofing issue in the Site Permissions component.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-10534

Spoofing issue in the Site Permissions component. This vulnerability was fixed in Firefox 143 and Thunderbird 143. CVSSv3.1 8.1 (HIGH)

CWECWE 79VNDMozillaVNDSpoofingTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-16
2025-09-16 13:15Z
HIGH

CVE-2025-10533 — Mozilla Firefox: Integer overflow in the SVG component.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-10533

Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3. CVSSv3.1 8.8 (HIGH)

CWECWE 190VNDMozillaTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-09-16
2025-09-16 13:00Z
CRIT

State of the SaaS Security Union

Bishop Fox Labs·bishopfox.comin the wild

Bishop Fox documents two concurrent threat campaigns targeting SaaS applications: UNC6040 (ShinyHunters/Scattered Spider) conducting OAuth phishing and credential attacks against Salesforce customers for ransom, and UNC6395 (suspected nation-state APT) exploiting integration misconfigurations in Salesloft to compromise 700+ customers and pivot into downstream SaaS and AWS environments. The attacks expose critical gaps in SaaS security posture, particularly overprivileged integration accounts and lack of secrets management visibility.

SRFApplicationTACTA0001TACTA0006TACTA0007SRFCloudTACTA0008VNDSalesforceVNDAws
78
Edit Score
2025-09-16
2025-09-16 12:15Z
CRIT

CVE-2025-7744 — Dolusoft Omaspot: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-7744

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dolusoft Omaspot allows SQL Injection. This issue affects Omaspot: before 12.09.2025. CVSSv3.1 9.8 (CRITICAL) · EPSS 17th percentile

CWECWE 89VNDDolusoftTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-16
2025-09-16 12:15Z
CRIT

CVE-2025-7743 — Dolusoft Omaspot: Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows Interception, Privilege Escalation.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-7743

Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows Interception, Privilege Escalation. This issue affects Omaspot: before 12.09.2025. CVSSv3.1 9.6 (CRITICAL)

CWECWE 319VNDCleartextVNDDolusoftTYPVulnerability
9.6
CVSS v3.1
98
Edit Score
2025-09-16
2025-09-16 12:15Z
HIGH

CVE-2024-12913 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-12913

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Network Management allows SQL Injection. This issue affects Azora Wireless Network Management: through 20250916.  NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. CVSSv3.1 8.8 (HIGH) · EPSS 6th percentile

CWECWE 89TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-09-16
2025-09-16 09:15Z
CRIT

CVE-2025-4688 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-4688

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection. This issue affects SINAV.LINK Exam Result Module: before 1.2. CVSSv3.1 9.8 (CRITICAL) · EPSS 17th percentile

CWECWE 89TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-09-16
2025-09-16 08:15Z
HIGH

CVE-2024-12367 — Exposure: of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vegagrup Software

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-12367

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vegagrup Software Vega Master allows Directory Indexing. This issue affects Vega Master: from v.1.12.35 through 20250916.  NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. CVSSv3.1 8.6 (HIGH) · EPSS 17th percentile

CWECWE 497TYPVulnerability
8.6
CVSS v3.1
93
Edit Score
2025-09-15
2025-09-15 22:15Z
HIGH

CVE-2025-56274 — Senior-walter Web-based_pharmacy_product_management_system: SourceCodester Web-based Pharmacy Product Management System 1.0 is vulnerable to Incorrect Access Control, which

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-56274

SourceCodester Web-based Pharmacy Product Management System 1.0 is vulnerable to Incorrect Access Control, which allows low-privileged users to forge high privileged (such as admin) sessions and perform sensitive operations such as adding new users. CVSSv3.1 8.1 (HIGH)

CWECWE 284VNDSenior WalterVNDSourcecodesterTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-15
2025-09-15 17:15Z
CRIT

CVE-2025-57174 — Siklu: An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-57174

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all devices, allowing attackers to craft encrypted packets that execute arbitrary commands without authentication. This is a failed patch for CVE-2017-7318. This issue may affect other E CVSSv3.1 9.8 (CRITICAL) · EPSS 65th percentile

CWECWE 321VNDSikluTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-12
2025-09-12 16:15Z
CRIT

CVE-2025-55835 — Sueamcms_project Sueamcms: File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-55835

File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering. CVSSv3.1 9.8 (CRITICAL) · EPSS 62th percentile

CWECWE 434VNDSueamcms ProjectTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-11
2025-09-11 15:48Z
HIGH

kernel-exploits — My proof-of-concept exploits for the Linux kernel

xairy's kernel-exploits repository is a curated collection of proof-of-concept Linux kernel exploits spanning 2016–2025, covering double-free vulnerabilities, signedness issues, memory corruption, and integer underflow flaws across USB, socket, and HID subsystems. The collection includes both privilege escalation and information-leak primitives, with the most recent additions (CVE-2025-38494/38495) targeting HID core integer underflow.

SRFOsTACTA0004TACTA0005OSLinuxTYPWriteupTYPExploitSTGDefense EvasionSTGPrivesc
78
Edit Score
2025-09-11
2025-09-11 08:15Z
CRIT

CVE-2025-8570 — BeyondCart: The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-8570

The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determine_current_user filter in versions 1.4.2 through 3.0.1. This makes it possible for unauthenticated attackers to craft valid tokens and assume any user’s identity. CVSSv3.1 9.8 (CRITICAL)

CWECWE 798VNDBeyondcartTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-11
2025-09-11 00:00Z
HIGH

EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks

Trend Micro Research·trendmicro.comin the wild

Trend Micro disclosed EvilAI, an active malware campaign distributing trojans disguised as legitimate productivity and AI tools with valid digital signatures across 114+ countries. The malware uses AI-generated obfuscated JavaScript payloads delivered via Node.js, establishes persistence through scheduled tasks, enumerates security products, steals browser credentials, and maintains encrypted C&C communication. Infections have impacted manufacturing, government, and healthcare sectors with 114 confirmed cases in the first week of tracking.

SRFApplicationSRFOsTACTA0005TACTA0001TACTA0002TACTA0007TACTA0003TACTA0008
72
Edit Score
2025-09-09
2025-09-09 17:16Z
CRIT

CVE-2025-58997 — Site: Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow mow allows Code Injection.This issue affects

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58997

Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow mow allows Code Injection.This issue affects Mow: from n/a through <= 4.10. CVSSv3.1 9.6 (CRITICAL)

CWECWE 352TYPVulnerability
9.6
CVSS v3.1
98
Edit Score
2025-09-09
2025-09-09 17:16Z
HIGH

CVE-2025-58215 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58215

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Ziston ziston allows PHP Local File Inclusion.This issue affects Ziston: from n/a through < 1.4.5. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-09
2025-09-09 17:15Z
HIGH

CVE-2025-54709 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-54709

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Sala sala.This issue affects Sala: from n/a through <= 1.1.6. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-09
2025-09-09 17:15Z
HIGH

CVE-2025-53303 — Deserialization: of Untrusted Data vulnerability in ThemeMove ThemeMove Core thememove-core allows Object Injection.This issue

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-53303

Deserialization of Untrusted Data vulnerability in ThemeMove ThemeMove Core thememove-core allows Object Injection.This issue affects ThemeMove Core: from n/a through <= 1.4.2. CVSSv3.1 8.8 (HIGH)

CWECWE 502TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-09-09
2025-09-09 17:15Z
HIGH

CVE-2025-48101 — Deserialization: of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress constant-contact-api allows Object

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-48101

Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress constant-contact-api allows Object Injection.This issue affects Constant Contact for WordPress: from n/a through <= 4.1.1. CVSSv3.1 8.8 (HIGH)

CWECWE 502TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-09-09
2025-09-09 17:15Z
CRIT

CVE-2025-47579 — Themegoods Photography: Deserialization of Untrusted Data vulnerability in ThemeGoods Photography photography allows Object Injection.This issue affects

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-47579

Deserialization of Untrusted Data vulnerability in ThemeGoods Photography photography allows Object Injection.This issue affects Photography: from n/a through <= 7.7.2. CVSSv3.1 9.0 (CRITICAL)

CWECWE 502VNDThemegoodsTYPVulnerability
9.0
CVSS v3.1
95
Edit Score
2025-09-09
2025-09-09 17:15Z
CRIT

CVE-2025-47569 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-47569

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through <= 2.9.6. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-09-09
2025-09-09 17:15Z
CRIT

CVE-2025-32486 — Weak: Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32486

Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue affects Material Dashboard: from n/a through <= 1.4.6. CVSSv3.1 9.8 (CRITICAL)

CWECWE 640VNDWeakTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-09
2025-09-09 14:15Z
CRIT

CVE-2025-54236 — Adobe Commerce: versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-54236in the wild

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction. CVSSv3.1 9.1 (CRITICAL) · EPSS 98th percentile

CWECWE 20VNDAdobeTYPVulnerabilitySTAitw exploited
9.1
CVSS v3.1
100
Edit Score
2025-09-09
2025-09-09 09:15Z
CRIT

CVE-2025-40795 — Siemens Simatic_pcs_neo: Affected products contain a stack-based buffer overflow vulnerability in the integrated UMC component.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-40795

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a stack-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. CVSSv3.1 9.8 (CRITICAL) · EPSS 59th percentile

CWECWE 121VNDSiemensTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-09
2025-09-09 00:00Z
CRIT

Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed

Trend Micro Research·trendmicro.comin the wild

Trend Micro disclosed a comprehensive analysis of The Gentlemen ransomware group, an emerging threat actor conducting targeted campaigns across 17 countries with focus on manufacturing, construction, healthcare, and insurance sectors. The group demonstrates advanced capabilities including custom anti-AV tools, legitimate driver abuse (ThrottleBlood.sys), GPO manipulation, privileged account compromise, and encrypted exfiltration via WinSCP, culminating in domain-wide ransomware deployment with double-extortion tactics.

SRFOsTACTA0004TACTA0005TACTA0001SRFNetworkTACTA0007SRFIdentityTACTA0003
78
Edit Score