2025-06-26
2025-06-26 19:15Z
HIGH

CVE-2025-52904 — Filebrowser Filebrowser: The Command Execution feature of Filebrowser allows the execution of shell commands which are

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52904

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions of the web application on the 2.x branch, all users have a scope assigned, and they only have access to the files within that scope. The Command Execution feature of Filebrowser allows the execution of shell commands which are not restricted to the scope, potentially giving an attacker read and write access to all files CVSSv3.1 8.0 (HIGH) · EPSS 79th percentile

CWECWE 77VNDFilebrowserTYPVulnerability
8.0
CVSS v3.1
90
Edit Score
2025-06-26
2025-06-26 19:15Z
HIGH

CVE-2025-52903 — Filebrowser Filebrowser: In versions on the 2.x branch prior to 2.33.10, the Command Execution feature of

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52903

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions on the 2.x branch prior to 2.33.10, the Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. The concrete impact depends on the commands CVSSv3.1 8.0 (HIGH) · EPSS 80th percentile

CWECWE 77VNDFilebrowserTYPVulnerability
8.0
CVSS v3.1
90
Edit Score
2025-06-26
2025-06-26 13:00Z
CRIT

Sitecore Experience Platform Vulnerabilities: Critical Update Needed for Versions 10.1 to 10.3

Bishop Fox Labs·bishopfox.comCVE-2025-34509CVE-2025-34510CVE-2025-34511

Three chained vulnerabilities in Sitecore Experience Platform versions 10.1–10.3 enable unauthenticated remote code execution. CVE-2025-34509 exposes a hardcoded credential (password 'b') for the ServicesAPI user; when combined with CVE-2025-34510 (ZIP slip path traversal) and CVE-2025-34511 (authenticated file upload), attackers gain complete system compromise. Patched in version 10.4; fresh installations of 10.1–10.3 are affected.

SRFApplicationTACTA0001TACTA0002SRFWebVNDSitecoreTYPVulnerabilityTYPAdvisorySTGExecution
82
Edit Score
2025-06-26
2025-06-26 02:15Z
CRIT

CVE-2025-4334 — Najeebmedia Simple_user_registration: The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-4334

The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated attackers to register as an administrator. CVSSv3.1 9.8 (CRITICAL)

CWECWE 269VNDNajeebmediaVNDSimpleTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-06-24
2025-06-24 17:15Z
CRIT

CVE-2025-4378 — Cleartext: Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-4378

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile Application allows Authentication Abuse, Authentication Bypass. This issue affects ATA-AOF Mobile Application: before 20.06.2025. CVSSv3.1 10.0 (CRITICAL) · EPSS 32th percentile

CWECWE 319CWECWE 798VNDCleartextTYPVulnerability
10.0
CVSS v3.1
100
Edit Score
2025-06-24
2025-06-24 16:15Z
CRIT

CVE-2025-4383 — Restriction: Wi-Fi Cloud Hotspot allows Authentication Abuse, Authentication Bypass.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-4383

Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot allows Authentication Abuse, Authentication Bypass. This issue affects Wi-Fi Cloud Hotspot: before 30.05.2025. CVSSv3.1 9.3 (CRITICAL) · EPSS 45th percentile

CWECWE 307TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-06-24
2025-06-24 14:15Z
HIGH

CVE-2025-6032 — Podman: This issue results in a Man In The Middle attack.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6032

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack. CVSSv3.1 8.3 (HIGH) · EPSS 32th percentile

CWECWE 295VNDPodmanTYPVulnerability
8.3
CVSS v3.1
92
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-06-24
2025-06-24 14:15Z
HIGH

CVE-2025-5318 — Redhat Openshift_container_platform: An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-5318

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior. CVSSv3.1 8.1 (HIGH) · EPSS 82th percentile

CWECWE 125TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-06-24
2025-06-24 13:15Z
HIGH

CVE-2025-6436 — Mozilla Firefox: Some of these bugs showed evidence of memory corruption and we presume that with

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6436

Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 140 and Thunderbird 140. CVSSv3.1 8.1 (HIGH)

CWECWE 119VNDMozillaTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-06-24
2025-06-24 13:15Z
HIGH

CVE-2025-6435 — Mozilla Firefox: If a user saved a response from the Network tab in Devtools using the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6435

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and Thunderbird 140. CVSSv3.1 8.1 (HIGH)

CWECWE 434VNDMozillaTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-06-24
2025-06-24 13:15Z
CRIT

CVE-2025-6433 — Mozilla Firefox: If a user visited a webpage with an invalid TLS certificate, and granted an

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6433

If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This vulnerability was fixed in Firefox 140 and Thunderbird 140. CVSSv3.1 9.8 (CRITICAL)

CWECWE 295VNDMozillaTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-06-24
2025-06-24 13:15Z
HIGH

CVE-2025-6432 — Mozilla Firefox: When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6432

When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140. CVSSv3.1 8.6 (HIGH)

CWECWE 200VNDMozillaVNDMultiTYPVulnerability
8.6
CVSS v3.1
93
Edit Score
2025-06-24
2025-06-24 13:15Z
CRIT

CVE-2025-6427 — Mozilla Firefox: An attacker was able to bypass the `connect-src` directive of a Content Security Policy

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6427

An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140. CVSSv3.1 9.1 (CRITICAL)

CWECWE 693VNDMozillaTYPVulnerability
9.1
CVSS v3.1
96
Edit Score
2025-06-24
2025-06-24 13:15Z
HIGH

CVE-2025-6426 — Mozilla Firefox: The executable file warning did not warn users before opening files with the `terminal`

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6426

The executable file warning did not warn users before opening files with the `terminal` extension. *This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.*. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12. CVSSv3.1 8.8 (HIGH)

CWECWE 345VNDMozillaTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-06-24
2025-06-24 13:15Z
CRIT

CVE-2025-6424 — Mozilla Firefox: A use-after-free in FontFaceSet resulted in a potentially exploitable crash.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6424

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12. CVSSv3.1 9.8 (CRITICAL)

CWECWE 416VNDMozillaVNDFontfacesetTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-06-23
2025-06-23 23:15Z
HIGH

CVE-2025-6529 — 70mai M300_firmware: The manipulation leads to use of default credentials.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-6529

A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 8.8 (HIGH) · EPSS 66th percentile

CWECWE 1392VND70maiTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-06-23
2025-06-23 17:15Z
CRIT

CVE-2023-47031 — Ncr Terminal_handler: An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-47031

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component. CVSSv3.1 9.8 (CRITICAL) · EPSS 46th percentile

CWECWE 284VNDNcrTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-06-22
2025-06-22 22:49Z
HIGH

VEH2 — A Patchless AMSI Bypass Technique using VEH²

GitHub · EDR bypass / evasion·github.comGITHUB POC

VEH2 is a public proof-of-concept tool implementing a patchless AMSI bypass technique using double Vectored Exception Handling (VEH) to intercept AmsiScanBuffer at runtime without modifying its code. The tool hosts the .NET CLR natively and executes arbitrary .NET assemblies from memory while evading AMSI detection by manipulating hardware breakpoints and exception handlers to force a clean scan result.

SRFOsTACTA0005TYPToolTYPExploitSTGDefense EvasionTECT1562.001EXPSandbox EscapeSTApoc public
72
Edit Score
2025-06-20
2025-06-20 15:15Z
HIGH

CVE-2025-52825 — Site: Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Privilege

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52825

Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Privilege Escalation.This issue affects Real Estate Manager: from n/a through <= 7.3. CVSSv3.1 8.8 (HIGH)

CWECWE 352TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-06-20
2025-06-20 15:15Z
HIGH

CVE-2025-52822 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52822

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WP Roadmap wp-roadmap allows SQL Injection.This issue affects WP Roadmap: from n/a through <= 2.1.3. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-06-20
2025-06-20 15:15Z
HIGH

CVE-2025-52821 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52821

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager video-list-manager allows SQL Injection.This issue affects Video List Manager: from n/a through <= 1.7. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-06-19
2025-06-19 13:15Z
CRIT

CVE-2025-4738 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-4738

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection. This issue affects MY ERP: before 1.170. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile

CWECWE 89TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-06-18
2025-06-18 14:15Z
CRIT

CVE-2025-46157 — Efrotech Timetrax: An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form CVSSv3.1 9.9 (CRITICAL) · EPSS 55th percentile

CWECWE 434VNDEfrotechTYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2025-06-18
2025-06-18 13:00Z
HIGH

2025 Red Team Tools – Cloud & Identity Exploitation, Evasion & Developer Libraries

Bishop Fox Labs·bishopfox.com

Bishop Fox publishes a curated roundup of 16 red team tools spanning cloud/identity exploitation (AzureHound, ROADtools, AADInternals, GraphRunner, TREVORspray, MFASweep, SeamlessPass, MicroBurst), evasion techniques (Minikerberos, Windows-rs, Scapy, Pwntools), and post-exploitation frameworks (Volatility, Frida, Evilginx, CursedChrome). The selection emphasizes Azure AD/Microsoft 365 attack surface, credential harvesting, MFA bypass, and browser-based persistence mechanisms.

SRFApplicationSRFOsTACTA0004TACTA0005TACTA0001TACTA0002TACTA0006TACTA0007
72
Edit Score
2025-06-17
2025-06-17 15:15Z
HIGH

CVE-2025-49879 — Limitation: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in themezaa

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-49879

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in themezaa Litho litho allows Path Traversal.This issue affects Litho: from n/a through <= 3.0. CVSSv3.1 8.6 (HIGH)

CWECWE 22TYPVulnerability
8.6
CVSS v3.1
93
Edit Score