2025-09-12
2025-09-12 16:15Z
CRIT

CVE-2025-55835 — Sueamcms_project Sueamcms: File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-55835

File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering. CVSSv3.1 9.8 (CRITICAL) · EPSS 62th percentile

CWECWE 434VNDSueamcms ProjectTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-11
2025-09-11 15:48Z
HIGH

kernel-exploits — My proof-of-concept exploits for the Linux kernel

xairy's kernel-exploits repository is a curated collection of proof-of-concept Linux kernel exploits spanning 2016–2025, covering double-free vulnerabilities, signedness issues, memory corruption, and integer underflow flaws across USB, socket, and HID subsystems. The collection includes both privilege escalation and information-leak primitives, with the most recent additions (CVE-2025-38494/38495) targeting HID core integer underflow.

SRFOsTACTA0004TACTA0005OSLinuxTYPWriteupTYPExploitSTGDefense EvasionSTGPrivesc
78
Edit Score
2025-09-11
2025-09-11 08:15Z
CRIT

CVE-2025-8570 — BeyondCart: The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-8570

The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determine_current_user filter in versions 1.4.2 through 3.0.1. This makes it possible for unauthenticated attackers to craft valid tokens and assume any user’s identity. CVSSv3.1 9.8 (CRITICAL)

CWECWE 798VNDBeyondcartTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-11
2025-09-11 00:00Z
HIGH

EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks

Trend Micro Research·trendmicro.comin the wild

Trend Micro disclosed EvilAI, an active malware campaign distributing trojans disguised as legitimate productivity and AI tools with valid digital signatures across 114+ countries. The malware uses AI-generated obfuscated JavaScript payloads delivered via Node.js, establishes persistence through scheduled tasks, enumerates security products, steals browser credentials, and maintains encrypted C&C communication. Infections have impacted manufacturing, government, and healthcare sectors with 114 confirmed cases in the first week of tracking.

SRFApplicationSRFOsTACTA0005TACTA0001TACTA0002TACTA0007TACTA0003TACTA0008
72
Edit Score
2025-09-09
2025-09-09 17:16Z
CRIT

CVE-2025-58997 — Site: Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow mow allows Code Injection.This issue affects

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58997

Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow mow allows Code Injection.This issue affects Mow: from n/a through <= 4.10. CVSSv3.1 9.6 (CRITICAL)

CWECWE 352TYPVulnerability
9.6
CVSS v3.1
98
Edit Score
2025-09-09
2025-09-09 17:16Z
HIGH

CVE-2025-58215 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58215

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Ziston ziston allows PHP Local File Inclusion.This issue affects Ziston: from n/a through < 1.4.5. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-09
2025-09-09 17:15Z
HIGH

CVE-2025-54709 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-54709

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Sala sala.This issue affects Sala: from n/a through <= 1.1.6. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-09-09
2025-09-09 17:15Z
HIGH

CVE-2025-53303 — Deserialization: of Untrusted Data vulnerability in ThemeMove ThemeMove Core thememove-core allows Object Injection.This issue

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-53303

Deserialization of Untrusted Data vulnerability in ThemeMove ThemeMove Core thememove-core allows Object Injection.This issue affects ThemeMove Core: from n/a through <= 1.4.2. CVSSv3.1 8.8 (HIGH)

CWECWE 502TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-09-09
2025-09-09 17:15Z
HIGH

CVE-2025-48101 — Deserialization: of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress constant-contact-api allows Object

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-48101

Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress constant-contact-api allows Object Injection.This issue affects Constant Contact for WordPress: from n/a through <= 4.1.1. CVSSv3.1 8.8 (HIGH)

CWECWE 502TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-09-09
2025-09-09 17:15Z
CRIT

CVE-2025-47579 — Themegoods Photography: Deserialization of Untrusted Data vulnerability in ThemeGoods Photography photography allows Object Injection.This issue affects

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-47579

Deserialization of Untrusted Data vulnerability in ThemeGoods Photography photography allows Object Injection.This issue affects Photography: from n/a through <= 7.7.2. CVSSv3.1 9.0 (CRITICAL)

CWECWE 502VNDThemegoodsTYPVulnerability
9.0
CVSS v3.1
95
Edit Score
2025-09-09
2025-09-09 17:15Z
CRIT

CVE-2025-47569 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-47569

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through <= 2.9.6. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-09-09
2025-09-09 17:15Z
CRIT

CVE-2025-32486 — Weak: Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32486

Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue affects Material Dashboard: from n/a through <= 1.4.6. CVSSv3.1 9.8 (CRITICAL)

CWECWE 640VNDWeakTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-09
2025-09-09 14:15Z
CRIT

CVE-2025-54236 — Adobe Commerce: versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-54236in the wild

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction. CVSSv3.1 9.1 (CRITICAL) · EPSS 98th percentile

CWECWE 20VNDAdobeTYPVulnerabilitySTAitw exploited
9.1
CVSS v3.1
100
Edit Score
2025-09-09
2025-09-09 09:15Z
CRIT

CVE-2025-40795 — Siemens Simatic_pcs_neo: Affected products contain a stack-based buffer overflow vulnerability in the integrated UMC component.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-40795

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a stack-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. CVSSv3.1 9.8 (CRITICAL) · EPSS 59th percentile

CWECWE 121VNDSiemensTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-09
2025-09-09 00:00Z
CRIT

Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed

Trend Micro Research·trendmicro.comin the wild

Trend Micro disclosed a comprehensive analysis of The Gentlemen ransomware group, an emerging threat actor conducting targeted campaigns across 17 countries with focus on manufacturing, construction, healthcare, and insurance sectors. The group demonstrates advanced capabilities including custom anti-AV tools, legitimate driver abuse (ThrottleBlood.sys), GPO manipulation, privileged account compromise, and encrypted exfiltration via WinSCP, culminating in domain-wide ransomware deployment with double-extortion tactics.

SRFOsTACTA0004TACTA0005TACTA0001SRFNetworkTACTA0007SRFIdentityTACTA0003
78
Edit Score
2025-09-08
2025-09-08 19:15Z
CRIT

CVE-2025-9114 — Doccure: The Doccure theme for WordPress is vulnerable to Arbitrary User Password Change in versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-9114

The Doccure theme for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.5.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. CVSSv3.1 9.8 (CRITICAL)

CWECWE 639VNDDoccureTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-08
2025-09-08 19:15Z
CRIT

CVE-2025-9113 — Doccure: The Doccure Core plugin for WordPress is vulnerable to arbitrary file uploads due to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-9113

The Doccure Core plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'doccure_temp_upload_to_media' function in all versions up to, and including, 1.5.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL)

CWECWE 434VNDDoccureTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-08
2025-09-08 19:15Z
HIGH

CVE-2025-9112 — Doccure: The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-9112

The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'doccure_temp_file_uploader' function in all versions up to, and including, 1.5.0. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)

CWECWE 434VNDDoccureTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-09-08
2025-09-08 19:15Z
HIGH

CVE-2025-55849 — Weiphp Weiphp: v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-55849

WeiPHP v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and the cancelTemplatee CVSSv3.1 8.4 (HIGH) · EPSS 9th percentile

CWECWE 89VNDWeiphpTYPVulnerability
8.4
CVSS v3.1
92
Edit Score
2025-09-08
2025-09-08 15:15Z
CRIT

CVE-2025-52161 — Scholl Weblication_cms: Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross-site scripting

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52161

Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross-site scripting (XSS) vulnerability. CVSSv3.1 9.8 (CRITICAL) · EPSS 36th percentile

CWECWE 79VNDSchollTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-09-05
2025-09-05 20:15Z
HIGH

CVE-2025-9566 — There's a vulnerability in podman where an attacker may use the kube play command

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 CVSSv3.1 8.1 (HIGH) · EPSS 17th percentile

CWECWE 22TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-05
2025-09-05 17:15Z
CRIT

CVE-2025-58628 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58628

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection.This issue affects Miraculous: from n/a through < 2.0.9. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-09-05
2025-09-05 17:15Z
HIGH

CVE-2025-58214 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58214

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through < 1.3.0. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-05
2025-09-05 17:15Z
HIGH

CVE-2025-58206 — Thememove Maxcoach: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58206

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MaxCoach maxcoach allows PHP Local File Inclusion.This issue affects MaxCoach: from n/a through <= 3.2.5. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDThememoveTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-09-05
2025-09-05 17:15Z
CRIT

CVE-2025-49401 — Incorrect: Privilege Assignment vulnerability in axiomthemes smart SEO smartSEO allows Privilege Escalation.This issue affects

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-49401

Incorrect Privilege Assignment vulnerability in axiomthemes smart SEO smartSEO allows Privilege Escalation.This issue affects smart SEO: from n/a through <= 4.0. CVSSv3.1 9.8 (CRITICAL)

CWECWE 266TYPVulnerability
9.8
CVSS v3.1
99
Edit Score