Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2025-24773 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPCRM - CRM for Contact form CF7 & WooCommerce wpcrm allows SQL Injection.This issue affects WPCRM - CRM for Contact form CF7 & WooCommerce: from n/a through <= 3.2.0. CVSSv3.1 9.3 (CRITICAL)
CVE-2025-24761 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme DSK dsk allows PHP Local File Inclusion.This issue affects DSK: from n/a through < 2.4. CVSSv3.1 8.1 (HIGH)
CVE-2025-4404 — A privilege escalation from host to domain vulnerability was found in the FreeIPA project.
A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrat CVSSv3.1 9.1 (CRITICAL) · EPSS 76th percentile
CVE-2025-49796 — Processing certain sch:name elements from the input XML file can trigger a memory corruption
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory. CVSSv3.1 9.1 (CRITICAL) · EPSS 83th percentile
CVE-2025-49794 — A use-after-free vulnerability was found in libxml2.
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors. CVSSv3.1 9.1 (CRITICAL) · EPSS 63th percentile
LainAmsiOpenSession — Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll
LainAmsiOpenSession is a PowerShell-based AMSI bypass tool that patches the AmsiOpenSession function in amsi.dll to evade Windows Defender and EDR detection. The technique derives from prior work by Sam Rothlisberger and Nuke-Amsi, implementing in-memory patching of the AMSI DLL to disable scanning.
CVE-2025-6095 — Codesiddhant Jasmin-ransomware: The manipulation of the argument username/password leads to sql injection.
A vulnerability, which was classified as critical, was found in codesiddhant Jasmin Ransomware 1.0.1. Affected is an unknown function of the file /checklogin.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 7.3 (HIGH) · EPSS 98th percentile
CVE-2025-46060 — Totolink N600r_firmware: Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary
Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2025-32756-POC — Proof of Concept for CVE-2025-32756 - A critical stack-based buffer overflow vulnerability affecting multiple Fortinet p
Public proof-of-concept released for CVE-2025-32756, a critical stack-based buffer overflow in Fortinet products (FortiVoice, FortiMail, FortiNDR, FortiRecorder, FortiCamera) affecting the AuthHash cookie processing in the /remote/hostcheck_validate endpoint. The PoC demonstrates unauthenticated RCE with CVSS 9.8 and includes scanning and exploitation capabilities across multiple target IPs and ranges.
CVE-2025-49710 — Mozilla Firefox: An integer overflow was present in `OrderedHashTable` used by the JavaScript engine.
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4. CVSSv3.1 9.8 (CRITICAL)
CVE-2025-49709 — Mozilla Firefox: Certain canvas operations could have lead to memory corruption.
Certain canvas operations could have lead to memory corruption. This vulnerability was fixed in Firefox 139.0.4. CVSSv3.1 9.8 (CRITICAL)
CVE-2025-47953 — Microsoft 365_apps: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH) · EPSS 78th percentile
CVE-2025-47167 — Microsoft 365_apps: Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH) · EPSS 80th percentile
CVE-2025-47164 — Microsoft 365_apps: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH) · EPSS 76th percentile
CVE-2025-47162 — Microsoft 365_apps: Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH) · EPSS 76th percentile
CVE-2025-49507 — Deserialization: of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects
Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects CozyStay: from n/a through < 1.7.1. CVSSv3.1 9.8 (CRITICAL)
CVE-2025-49455 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge WordPress-WPJobBoard click-pledge-wpjobboard allows Blind SQL Injection.This issue affects WordPress-WPJobBoard: from n/a through <= 25.07010000-WP6.8.1-JB5.11.5. CVSSv3.1 9.3 (CRITICAL)
CVE-2025-49454 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a through < 3.10.0. CVSSv3.1 8.1 (HIGH) · EPSS 55th percentile
CVE-2025-49297 — Qodeinteractive Grill_and_chow: Path Traversal: '.../...//' vulnerability in Mikado-Themes Grill and Chow grillandchow allows PHP Local File
Path Traversal: '.../...//' vulnerability in Mikado-Themes Grill and Chow grillandchow allows PHP Local File Inclusion.This issue affects Grill and Chow: from n/a through <= 1.6. CVSSv3.1 8.1 (HIGH)
CVE-2025-49296 — Qodeinteractive Grandprix: Path Traversal: '.../...//' vulnerability in Mikado-Themes GrandPrix grandprix allows PHP Local File Inclusion.This issue
Path Traversal: '.../...//' vulnerability in Mikado-Themes GrandPrix grandprix allows PHP Local File Inclusion.This issue affects GrandPrix: from n/a through <= 1.6. CVSSv3.1 8.1 (HIGH)
CVE-2025-49295 — Qodeinteractive Mediclinic: Path Traversal: '.../...//' vulnerability in Mikado-Themes MediClinic mediclinic allows PHP Local File Inclusion.This issue
Path Traversal: '.../...//' vulnerability in Mikado-Themes MediClinic mediclinic allows PHP Local File Inclusion.This issue affects MediClinic: from n/a through <= 2.1. CVSSv3.1 8.1 (HIGH)
CVE-2025-49282 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magze magze allows PHP Local File Inclusion.This issue affects Magze: from n/a through <= 1.0.9. CVSSv3.1 8.1 (HIGH)
CVE-2025-49281 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magways magways allows PHP Local File Inclusion.This issue affects Magways: from n/a through <= 1.2.1. CVSSv3.1 8.1 (HIGH)
CVE-2025-49280 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magty magty allows PHP Local File Inclusion.This issue affects Magty: from n/a through <= 1.0.6. CVSSv3.1 8.1 (HIGH)
CVE-2025-49279 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogvy blogvy allows PHP Local File Inclusion.This issue affects Blogvy: from n/a through <= 1.0.7. CVSSv3.1 8.1 (HIGH)