The Consensus Security Vulnerability Alert

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Microsoft Patch Tuesday: March 2025

Published: 2025-03-11

Last Updated: 2025-03-11 17:52:02 UTC

by Johannes Ullrich (Version: 1)

The March patch Tuesday looks like a fairly light affair, with only 51 vulnerabilities total and only six rated as critical. However, this patch Tuesday also includes six patches for already exploited, aka "0-Day" vulnerabilities. None of the already exploited vulnerabilities are rated as critical.

Today's most interesting vulnerability is a not-yet exploited critical vulnerability (CVE-2025-24064) that affects the Windows Domain Name Service. A remote code attacker would exploit this vulnerability by sending a "perfectly timed" dynamic DNS update message. Many Windows DNS servers support dynamic updates, making assigning hostnames to internal IP addresses easier. It is unclear if the server is exploitable if dynamic updates are disabled.

Three of the exploited vulnerabilities affect the NTFS file system. One may lead to remote code execution. The other two are considered privilege escalation vulnerabilities. The remote code execution vulnerability, CVE-2025-24993, is due to a heap-based buffer overflow. Typically, these types of vulnerabilities are exploited when mounting a corrupt file system.

CVE-2025-24985 is related to the Windows Fast FAT File System Driver. Again a heap-based buffer overflow, or "Integer Overflow/Wraparound", the vulnerability allows for remote code execution. The attacker may be remote for both the NTFS and FAT issues, but the attacker will likely upload the corrupt VHD disk image to the victim and mount it locally. Of course, the attacker may just provide the VHD file and trick the victim into mounting it locally.

The two remaining already exploited vulnerabilities affect a security feature bypass in the Microsoft Management Console and a privilege elevation vulnerability in the Win32 kernel subsystem.

Three of the critical vulnerabilities affect the Windows Remote Desktop Services. Systems are vulnerable if they act as a remote gateway. This is important because gateways are likelier to be exposed to the internet. However, the attacker will also have to win an unspecified race condition, often resulting in less reliable exploits.

The remaining critical vulnerabilities affect Microsoft Office and the Windows subsytem for Linux ...

Read the full entry: https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+March+2025/31756/

Apple Fixes Exploited WebKit Vulnerability in iOS, MacOS, visionOS and Safari

Published: 2025-03-11

Last Updated: 2025-03-11 19:22:10 UTC

by Johannes Ullrich (Version: 1)

Today, Apple released a critical update to fix a single, already exploited, WebKit vulnerability. The patch was released for current versions of iOS, macOS, and visionOS. A standalone update for Safari was also made available, which will help address this issue in macOS 13 and 14 (Ventura, Sonoma).

Apple states that this vulnerability may be used to break out of the Web Content sandbox. The attack was initially addressed in iOS 17.2, but this additional fix is "supplementary." The vulnerability was used in targeted attacks against iOS before 17.2.

Read the full entry: https://isc.sans.edu/diary/Apple+Fixes+Exploited+WebKit+Vulnerability+in+iOS+MacOS+visionOS+and+Safari/31758/

Shellcode Encoded in UUIDs

Published: 2025-03-10

Last Updated: 2025-03-10 08:23:57 UTC

by Xavier Mertens (Version: 1)

I returned from another FOR610 class last week in London. One key tip I give to my students is to keep an eye on "strange" API calls. In the Windows ecosystem, Microsoft offers tons of API calls to developers. The fact that an API is used in a program does not always mean we are facing malicious code, but sometimes, some of them are derived from their official purpose. One of my hunting rules for malicious scripts is to search for occurrences of the ctypes library. It allows Python to call functions in DLLs or shared libraries ...

I spotted a malicious Python script that uses the following API call: UuidFromStringA(). This function converts a UUID string to its binary format.

A UUID (Universally Unique Identifier) is a 128-bit value commonly used in software systems to provide a practically guaranteed unique reference. It is represented as a string of hexadecimal digits often divided into five groups. Because of their structure and generation process (timestamp-based or random), UUIDs have an extremely low chance of collision, making them ideal for identifying objects or records across distributed systems where a central authority to track uniqueness may not exist.

The Python script I found contained an array of UUIDs that, once decoded in raw bytes, was injected in memory as a shellcode ...

Read the full entry: https://isc.sans.edu/diary/Shellcode+Encoded+in+UUIDs/31752/

Commonly Probed Webshell URLs (2025.03.09)

https://isc.sans.edu/diary/Commonly+Probed+Webshell+URLs/31748/

DShield Traffic Analysis using ELK (2025.03.06)

https://isc.sans.edu/diary/DShield+Traffic+Analysis+using+ELK/31742/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

Product: VMware ESXi

CVSS Score: 9.3

** KEV since 2025-03-04 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22224

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

Product: VMware ESXi

CVSS Score: 8.2

** KEV since 2025-03-04 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22225

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

Product: VMware ESXi

CVSS Score: 7.1

** KEV since 2025-03-04 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22226

NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

Product: Microsoft Windows Fast FAT Driver

CVSS Score: 7.8

** KEV since 2025-03-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24985

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985

Product: Microsoft Windows NTFS

CVSS Score: 7.8

** KEV since 2025-03-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24993

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24993

Product: Zohocorp ManageEngine ADSelfService Plus

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1723

ISC Podcast: https://isc.sans.edu/podcastdetail/9350

Product: Microsoft Windows Win32 Kernel Subsystem

CVSS Score: 7.0

** KEV since 2025-03-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24983

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983

Product: Microsoft Management Console

CVSS Score: 7.0

** KEV since 2025-03-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26633

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26633

Product: Microsoft Windows NTFS

CVSS Score: 4.6

** KEV since 2025-03-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24984

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24984

Product: Microsoft Windows NTFS

CVSS Score: 5.5

** KEV since 2025-03-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24991

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24991

Product: Moxa EDS-508A Series

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12297

ISC Podcast: https://isc.sans.edu/podcastdetail/9358

Product: Mozilla Firefox and Thunderbird

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1932

NVD References:

- https://bugzilla.mozilla.org/show_bug.cgi?id=1944313

- https://www.mozilla.org/security/advisories/mfsa2025-14/

- https://www.mozilla.org/security/advisories/mfsa2025-16/

- https://www.mozilla.org/security/advisories/mfsa2025-17/

- https://www.mozilla.org/security/advisories/mfsa2025-18/

Product: Mozilla Firefox

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1941

NVD References:

- https://bugzilla.mozilla.org/show_bug.cgi?id=1944665

- https://www.mozilla.org/security/advisories/mfsa2025-14/

Product: Uniguest TripleplayCVSS Scores: 9.8 - 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50704NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50706NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50707NVD References:- https://uniguest.com/cve-bulletins/- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50704-Vulnerability-Summary.pdf- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50706-Vulnerability-Summary.pdf- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50707-Vulnerability-Summary.pdfCVE-2025-27507 - ZITADEL's Admin API in versions prior to 2.71.0 contains IDOR vulnerabilities that could allow unauthorized users to modify sensitive settings, particularly affecting LDAP configurations.Product: ZITADELCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27507NVD References:- https://github.com/zitadel/zitadel/commit/d9d8339813f1c43d3eb7d8d80f11fdabb2fd2ee4- https://github.com/zitadel/zitadel/security/advisories/GHSA-f3gh-529w-v32xCVE-2025-1260 - Arista EOS with OpenConfig configured allows for unauthorized gNOI requests, potentially leading to unexpected switch configuration changes.Product: Arista Networks Arista EOSCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1260NVD References: https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111CVE-2025-26136 - A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1.Product: mysiteformeCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26136NVD References: https://gist.github.com/xiadmin6/6d664692d31a04eb59096a488b9f3712CVE-2025-26318 - TSplus Remote Access v17.30 has insecure permissions that let attackers access a list of all connected domain accounts.Product: TSplus Remote AccessCVSS Score: 9.4NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26318NVD References:- https://github.com/Frozenka/CVE-2025-26318- https://github.com/Frozenka/CVE-2025-26318CVE-2025-26319 - FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments.Product: FlowiseAI FlowiseCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26319NVD References:- https://github.com/dorattias/CVE-2025-26319- https://github.com/dorattias/CVE-2025-26319CVE-2025-1316 - Edimax IC-7100 is vulnerable to remote code execution due to improper request neutralization.Product: Edimax IC-7100CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08CVE-2025-23410 - GMOD Apollo does not check for path traversal when unzipping and inspecting organism or sequence data.Product: GMOD ApolloCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07CVE-2025-24924 - Certain functionality within GMOD Apollo does not require authentication when passed with an administrative usernameProduct: GMOD ApolloCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24924NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07CVE-2025-27638, CVE-2025-27640 through CVE-2025-27643, CVE-2025-27645 through CVE-2025-27652, CVE-2025-27655 through CVE-2025-27659, CVE-2025-27661, CVE-2025-27662, CVE-2025-27663, CVE-2025-27665 through CVE-2025-27668, CVE-2025-27670 through CVE-2025-27675, CVE-2025-27677, CVE-2025-27678, CVE-2025-27680, CVE-2025-27681, CVE-2025-27682 - Multiple vulnerabilities in Vasion Print (formerly PrinterLogic) before Virtual Appliance HostProduct: Vasion Print Virtual Appliance HostCVSS Scores: 9.1 - 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27638NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27640NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27641NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27642NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27643NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27645NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27646NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27647NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27648NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27649NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27650NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27651NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27652NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27655NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27656NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27657NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27658NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27659NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27661NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27662NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27663NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27665NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27666NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27667NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27668NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-2767…

Product: ZITADEL

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27507

NVD References:

- https://github.com/zitadel/zitadel/commit/d9d8339813f1c43d3eb7d8d80f11fdabb2fd2ee4

- https://github.com/zitadel/zitadel/security/advisories/GHSA-f3gh-529w-v32x

Product: Arista Networks Arista EOS

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1260

NVD References: https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111

Product: mysiteforme

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26136

NVD References: https://gist.github.com/xiadmin6/6d664692d31a04eb59096a488b9f3712

Product: TSplus Remote AccessCVSS Score: 9.4NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26318NVD References:- https://github.com/Frozenka/CVE-2025-26318- https://github.com/Frozenka/CVE-2025-26318CVE-2025-26319 - FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments.Product: FlowiseAI FlowiseCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26319NVD References:- https://github.com/dorattias/CVE-2025-26319- https://github.com/dorattias/CVE-2025-26319CVE-2025-1316 - Edimax IC-7100 is vulnerable to remote code execution due to improper request neutralization.Product: Edimax IC-7100CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08CVE-2025-23410 - GMOD Apollo does not check for path traversal when unzipping and inspecting organism or sequence data.Product: GMOD ApolloCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07CVE-2025-24924 - Certain functionality within GMOD Apollo does not require authentication when passed with an administrative usernameProduct: GMOD ApolloCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24924NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07CVE-2025-27638, CVE-2025-27640 through CVE-2025-27643, CVE-2025-27645 through CVE-2025-27652, CVE-2025-27655 through CVE-2025-27659, CVE-2025-27661, CVE-2025-27662, CVE-2025-27663, CVE-2025-27665 through CVE-2025-27668, CVE-2025-27670 through CVE-2025-27675, CVE-2025-27677, CVE-2025-27678, CVE-2025-27680, CVE-2025-27681, CVE-2025-27682 - Multiple vulnerabilities in Vasion Print (formerly PrinterLogic) before Virtual Appliance HostProduct: Vasion Print Virtual Appliance HostCVSS Scores: 9.1 - 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27638NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27640NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27641NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27642NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27643NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27645NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27646NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27647NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27648NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27649NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27650NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27651NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27652NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27655NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27656NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27657NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27658NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27659NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27661NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27662NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27663NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27665NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27666NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27667NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27668NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27670NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27671NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27672NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27673NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27674NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27675NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27677NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27678NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27680NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27681NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27682NVD References: https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htmCVE-2025-1393 - An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.Product: D-Link DIR-850L Wireless AC1200 Dual-Band Gigabit Cloud RouterCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1393NVD References: https://certvde.com/en/advisories/VDE-2025-021CVE-2025-25015 - Kibana is vulnerable to prototype pollution, allowing arbitrary code execution through crafted file uploads and HTTP requests, with differing exploitability based on user roles in various versions.Product: Elastic KibanaCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25015NVD References: https://discuss.elastic.co/t/kibana-8-17-3-security-update-esa-2025-06/375441CVE-2024-12097 - Boceksoft Informatics E-Travel is vulnerable to SQL Injection before 15.12.2024.Product: Boceksoft E-TravelCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12097NVD References: https://www.usom.gov.tr/bildirim/tr-25-0053CVE-2024-13147 - Merkur Software B2B Login Panel before 15.01.2025 is vulnerable to SQL Injection.Product: Merkur Software B2B Login PanelCVSS Score: 9.8NVD: https:…

Product: FlowiseAI FlowiseCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26319NVD References:- https://github.com/dorattias/CVE-2025-26319- https://github.com/dorattias/CVE-2025-26319CVE-2025-1316 - Edimax IC-7100 is vulnerable to remote code execution due to improper request neutralization.Product: Edimax IC-7100CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08CVE-2025-23410 - GMOD Apollo does not check for path traversal when unzipping and inspecting organism or sequence data.Product: GMOD ApolloCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07CVE-2025-24924 - Certain functionality within GMOD Apollo does not require authentication when passed with an administrative usernameProduct: GMOD ApolloCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24924NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07CVE-2025-27638, CVE-2025-27640 through CVE-2025-27643, CVE-2025-27645 through CVE-2025-27652, CVE-2025-27655 through CVE-2025-27659, CVE-2025-27661, CVE-2025-27662, CVE-2025-27663, CVE-2025-27665 through CVE-2025-27668, CVE-2025-27670 through CVE-2025-27675, CVE-2025-27677, CVE-2025-27678, CVE-2025-27680, CVE-2025-27681, CVE-2025-27682 - Multiple vulnerabilities in Vasion Print (formerly PrinterLogic) before Virtual Appliance HostProduct: Vasion Print Virtual Appliance HostCVSS Scores: 9.1 - 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27638NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27640NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27641NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27642NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27643NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27645NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27646NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27647NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27648NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27649NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27650NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27651NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27652NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27655NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27656NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27657NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27658NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27659NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27661NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27662NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27663NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27665NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27666NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27667NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27668NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27670NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27671NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27672NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27673NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27674NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27675NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27677NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27678NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27680NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27681NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27682NVD References: https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htmCVE-2025-1393 - An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.Product: D-Link DIR-850L Wireless AC1200 Dual-Band Gigabit Cloud RouterCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1393NVD References: https://certvde.com/en/advisories/VDE-2025-021CVE-2025-25015 - Kibana is vulnerable to prototype pollution, allowing arbitrary code execution through crafted file uploads and HTTP requests, with differing exploitability based on user roles in various versions.Product: Elastic KibanaCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25015NVD References: https://discuss.elastic.co/t/kibana-8-17-3-security-update-esa-2025-06/375441CVE-2024-12097 - Boceksoft Informatics E-Travel is vulnerable to SQL Injection before 15.12.2024.Product: Boceksoft E-TravelCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12097NVD References: https://www.usom.gov.tr/bildirim/tr-25-0053CVE-2024-13147 - Merkur Software B2B Login Panel before 15.01.2025 is vulnerable to SQL Injection.Product: Merkur Software B2B Login PanelCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13147NVD References: https://www.usom.gov.tr/bildirim/tr-25-0054CVE-2023-38693 - Lucee Server is vulnerable to RCE via an XML XXE attack, fixed in versions 5.4.3.2, 5.3.12.1, 5.3.7.59, 5.3.8.236, and 5.3.9.173.Product: Lucee ServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-…

Product: Edimax IC-7100

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08

Product: GMOD Apollo

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07

Product: GMOD Apollo

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24924

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07

Product: Vasion Print Virtual Appliance Host

CVSS Scores: 9.1 - 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27638

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27640

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27641

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27642

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27643

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27645

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27646

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27647

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27648

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27649

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27650

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27651

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27652

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27655

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27656

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27657

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27658

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27659

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27661

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27662

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27663

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27665

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27666

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27667

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27668

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27670

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27671

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27672

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27673

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27674

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27675

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27677

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27678

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27680

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27681

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27682

NVD References: https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm

Product: D-Link DIR-850L Wireless AC1200 Dual-Band Gigabit Cloud Router

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1393

NVD References: https://certvde.com/en/advisories/VDE-2025-021

Product: Elastic Kibana

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25015

NVD References: https://discuss.elastic.co/t/kibana-8-17-3-security-update-esa-2025-06/375441

Product: Boceksoft E-Travel

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12097

NVD References: https://www.usom.gov.tr/bildirim/tr-25-0053

Product: Merkur Software B2B Login Panel

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13147

NVD References: https://www.usom.gov.tr/bildirim/tr-25-0054

Product: Lucee Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38693

NVD References: https://github.com/lucee/Lucee/security/advisories/GHSA-vwjx-mmwm-pwrf

Product: Spacy-LLM

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25362

NVD References: https://github.com/explosion/spacy-llm/issues/492

Product: Tenda AC15

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25632

NVD References: https://github.com/Pr0b1em/IoT/blob/master/TendaAC15v15.03.05.19telnet.md

Product: Finder Fire Safety Finder ERP/CRM

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12144

NVD References: https://www.usom.gov.tr/bildirim/tr-25-0060

Product: PublicCMS

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25361

NVD References:

- https://github.com/c0rdXy/POC/blob/master/CVE/PublicCMS/XSS_02/XSS_02.md

- https://github.com/c0rdXy/POC/blob/master/CVE/PublicCMS/XSS_02/XSS_02.md

Product: CRMEB-KYCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25763NVD References:- https://github.com/J-0k3r/CVE-2025-25763- https://github.com/J-0k3r/sql/blob/main/sql.pdfCVE-2025-27816 - Arctera InfoScale versions 7.0 through 8.0.2 are vulnerable to .NET remoting endpoint exploitation through insecure deserialization, specifically in the Windows Plugin_Host service.Product: Arctera InfoScaleCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27816NVD References: https://www.veritas.com/content/support/en_US/security/ARC25-002CVE-2025-27603 - XWiki Confluence Migrator Pro allows arbitrary code execution by users without programming rights when creating a page using the Migration Page template, fixed in 1.2.0.Product: XWiki Confluence Migrator ProCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27603NVD References:- https://github.com/xwikisas/application-confluence-migrator-pro/commit/36cef2271bd429773698ca3a21e47b6d51d6377d- https://github.com/xwikisas/application-confluence-migrator-pro/security/advisories/GHSA-6qvp-39mm-95v8- https://github.com/xwikisas/application-confluence-migrator-pro/security/advisories/GHSA-6qvp-39mm-95v8CVE-2024-42733 - Docmosis Tornado v.2.9.7 and earlier versions are susceptible to remote code execution via a maliciously crafted script.Product: Docmosis TornadoCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42733NVD References:- https://github.com/Docmosis/tornado-docker/issues/14- https://github.com/Marsman1996/pocs/blob/master/redox/CVE-2024-57492/README.mdCVE-2025-25306 - Misskey does not sufficiently validate the relation between the `id` and `url` fields of ActivityPub objects, allowing attackers to forge authority in the `url` field.Product: MisskeyCVSS Score: 9.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25306NVD References:- https://github.com/misskey-dev/misskey/releases/tag/2025.2.1- https://github.com/misskey-dev/misskey/security/advisories/GHSA-6w2c-vf6f-xf26CVE-2024-56336 - SINAMICS S200 is vulnerable to injection of malicious code or installation of untrusted firmware due to an unlocked bootloader.Product: Siemens SINAMICS S200CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-56336NVD References: https://cert-portal.siemens.com/productcert/html/ssa-787280.htmlCVE-2025-27494 - SiPass integrated AC5102 (ACC-G2) and SiPass integrated ACC-AP devices < V6.4.9 have a vulnerability that could allow a remote administrator to escalate privileges by injecting arbitrary commands.Product: Siemens SiPass integrated AC5102CVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27494NVD References: https://cert-portal.siemens.com/productcert/html/ssa-515903.htmlCVE-2024-9157 - Synaptics audio drivers include an unsupported privilege escalation vulnerability that allows a local attacker to load a DLL in a privileged process.Product: Synaptics audio driversCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-9157ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://www.synaptics.com/sites/default/files/2025-03/audio-driver-security-brief-2025-03-11.pdfCVE-2025-24064 - Use after free in DNS Server allows an unauthorized attacker to execute code over a network.Product: Microsoft DNS ServerCVSS Score: 8.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24064ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24064CVE-2025-26701 - Percona PMM Server (OVA) before version 3.0.0-1.ova allows default service account credentials to potentially lead to SSH access, use of Sudo to root, and sensitive data exposure, fixed in later versions.Product: Percona PMM ServerCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26701NVD References: https://www.percona.com/blog/security-advisory-cve-affecting-percona-monitoring-and-management-pmm/CVE-2025-21180 - Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.Product: Microsoft Windows exFAT File SystemCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-21180ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21180CVE-2025-24035 & CVE-2025-24045 - Windows Remote Desktop Services allows unauthorized code execution through vulnerable memory storage.Product: Microsoft Windows Remote Desktop ServicesCVSS Score: 8.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24035NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24045ISC Diary: https://isc.sans.edu/diary/31756NVD References:- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24035- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24045CVE-2025-24043 - Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.Product: Microsoft .NETCVSS Score: 7.5NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24043ISC Diary: …

Product: Arctera InfoScale

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27816

NVD References: https://www.veritas.com/content/support/en_US/security/ARC25-002

Product: XWiki Confluence Migrator Pro

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27603

NVD References:

- https://github.com/xwikisas/application-confluence-migrator-pro/commit/36cef2271bd429773698ca3a21e47b6d51d6377d

- https://github.com/xwikisas/application-confluence-migrator-pro/security/advisories/GHSA-6qvp-39mm-95v8

- https://github.com/xwikisas/application-confluence-migrator-pro/security/advisories/GHSA-6qvp-39mm-95v8

Product: Docmosis Tornado

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42733

NVD References:

- https://github.com/Docmosis/tornado-docker/issues/14

- https://github.com/Marsman1996/pocs/blob/master/redox/CVE-2024-57492/README.md

Product: Misskey

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25306

NVD References:

- https://github.com/misskey-dev/misskey/releases/tag/2025.2.1

- https://github.com/misskey-dev/misskey/security/advisories/GHSA-6w2c-vf6f-xf26

Product: Siemens SINAMICS S200

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-56336

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-787280.html

Product: Siemens SiPass integrated AC5102

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27494

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-515903.html

Product: Synaptics audio drivers

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-9157

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://www.synaptics.com/sites/default/files/2025-03/audio-driver-security-brief-2025-03-11.pdf

Product: Microsoft DNS Server

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24064

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24064

Product: Percona PMM Server

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26701

NVD References: https://www.percona.com/blog/security-advisory-cve-affecting-percona-monitoring-and-management-pmm/

Product: Microsoft Windows exFAT File System

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-21180

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21180

CVE-2025-24035 & CVE-2025-24045 - Windows Remote Desktop Services allows unauthorized code execution through vulnerable memory storage.Product: Microsoft Windows Remote Desktop ServicesCVSS Score: 8.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24035NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24045ISC Diary: https://isc.sans.edu/diary/31756NVD References:- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24035- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24045CVE-2025-24043 - Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.Product: Microsoft .NETCVSS Score: 7.5NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24043ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24043CVE-2025-24044 - Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Win32 Kernel SubsystemCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24044ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24044CVE-2025-24046 - Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.Product: Microsoft Streaming ServiceCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24046ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24046CVE-2025-24048 & CVE-2025-24050 - Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Hyper-VCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24048NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24050ISC Diary: https://isc.sans.edu/diary/31756NVD References:- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24048- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24050CVE-2025-24049 - Azure Command Line Integration (CLI) is vulnerable to command injection, allowing unauthorized attackers to locally elevate privileges.Product: Microsoft Azure Command Line Integration (CLI)CVSS Score: 8.4NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24049ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24049CVE-2025-24051 - Windows Routing and Remote Access Service (RRAS) is vulnerable to a heap-based buffer overflow, allowing remote code execution by an unauthorized attacker.Product: Microsoft Windows Routing and Remote Access Service (RRAS)CVSS Score: 8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24051ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24051CVE-2025-24056 - Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.Product: Microsoft Windows Telephony ServerCVSS Score: 8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24056ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24056CVE-2025-24057 - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.Product: Microsoft Microsoft OfficeCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24057ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24057CVE-2025-24059 - Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Common Log File System DriverCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24059ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24059CVE-2025-24061 - Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.Product: Microsoft Windows Mark of the Web (MOTW)CVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24061ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24061CVE-2025-24066 - Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Kernel-Mode DriversCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24066ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24066CVE-2025-24067 - Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.Product: Microsoft Streaming ServiceCVSS Score: 7.8NVD: htt…

Product: Microsoft .NET

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24043

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24043

Product: Microsoft Windows Win32 Kernel Subsystem

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24044

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24044

Product: Microsoft Streaming Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24046

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24046

CVE-2025-24048 & CVE-2025-24050 - Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Hyper-VCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24048NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24050ISC Diary: https://isc.sans.edu/diary/31756NVD References:- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24048- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24050CVE-2025-24049 - Azure Command Line Integration (CLI) is vulnerable to command injection, allowing unauthorized attackers to locally elevate privileges.Product: Microsoft Azure Command Line Integration (CLI)CVSS Score: 8.4NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24049ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24049CVE-2025-24051 - Windows Routing and Remote Access Service (RRAS) is vulnerable to a heap-based buffer overflow, allowing remote code execution by an unauthorized attacker.Product: Microsoft Windows Routing and Remote Access Service (RRAS)CVSS Score: 8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24051ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24051CVE-2025-24056 - Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.Product: Microsoft Windows Telephony ServerCVSS Score: 8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24056ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24056CVE-2025-24057 - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.Product: Microsoft Microsoft OfficeCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24057ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24057CVE-2025-24059 - Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Common Log File System DriverCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24059ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24059CVE-2025-24061 - Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.Product: Microsoft Windows Mark of the Web (MOTW)CVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24061ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24061CVE-2025-24066 - Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Kernel-Mode DriversCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24066ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24066CVE-2025-24067 - Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.Product: Microsoft Streaming ServiceCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24067ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24067CVE-2025-24070 - Weak authentication in ASP.NET Core &amp; Visual Studio allows an unauthorized attacker to elevate privileges over a network.Product: Microsoft ASP.NET Core & Visual StudioCVSS Score: 7.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24070ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24070CVE-2025-24071 - Windows File Explorer allows unauthorized attackers to perform network spoofing by exposing sensitive information to unauthorized actors.Product: Microsoft Windows File ExplorerCVSS Score: 7.5NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24071ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071CVE-2025-24072 - Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.Product: Microsoft Local Security Authority ServerCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24072ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24072CVE-2025-24075 - Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.Product: Microsoft Office ExcelCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24075#ISC Diary: https:/…

Product: Microsoft Azure Command Line Integration (CLI)

CVSS Score: 8.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24049

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24049

Product: Microsoft Windows Routing and Remote Access Service (RRAS)

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24051

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24051

Product: Microsoft Windows Telephony Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24056

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24056

Product: Microsoft Microsoft Office

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24057

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24057

Product: Microsoft Windows Common Log File System Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24059

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24059

Product: Microsoft Windows Mark of the Web (MOTW)

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24061

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24061

Product: Microsoft Windows Kernel-Mode Drivers

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24066

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24066

Product: Microsoft Streaming Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24067

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24067

Product: Microsoft ASP.NET Core & Visual Studio

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24070

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24070

Product: Microsoft Windows File Explorer

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24071

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071

Product: Microsoft Local Security Authority Server

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24072

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24072

Product: Microsoft Office Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24075#

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24075

Product: Microsoft Windows Cross Device Service

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24076

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24076

CVE-2025-24077 through CVE-2025-24082m

Product: Microsoft Office, Word, and ExcelCVSS Scores: 7.0 - 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24077NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24078NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24079NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24080NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24081NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24082NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26629NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26630ISC Diary: https://isc.sans.edu/diary/31756NVD References:- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24077- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24078- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24079- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24080- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24081- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24082- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26629- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26630CVE-2025-24083 - Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.Product: Microsoft OfficeCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24083ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24083CVE-2025-24084 - Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.Product: Microsoft Windows Subsystem for LinuxCVSS Score: 8.4NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24084ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24084CVE-2025-24994 - Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.Product: Microsoft Windows Cross Device ServiceCVSS Score: 7.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24994ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24994CVE-2025-24995 - Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.Product: Microsoft Kernel Streaming WOW Thunk Service DriverCVSS Score: 7.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24995ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24995CVE-2025-24998 & CVE-2025-25003 - Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.Product: Microsoft Visual StudioCVSS Score: 7.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24998NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25003ISC Diary: https://isc.sans.edu/diary/31756NVD References:- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24998- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25003CVE-2025-25008 - Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.Product: Microsoft WindowsCVSS Score: 7.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25008ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25008CVE-2025-26627 - Azure Arc is vulnerable to command injection, enabling an authorized attacker to locally elevate privileges.Product: Microsoft Azure ArcCVSS Score: 7.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26627ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26627CVE-2025-26631 - Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.Product: Microsoft Visual Studio CodeCVSS Score: 7.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26631ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26631CVE-2025-26645 - Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.Product: Microsoft Remote Desktop ClientCVSS Score: 8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26645ISC Diary: https://isc.sans.edu/diary/31756NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645CVE-2024-56161 - AMD CPU ROM microcode patch loader has improper signature verification, allowing a local attacker to load malicious microcode, compromising the confidentiality and integrity of a confidential guest under AMD SEV-SNP.Product: AMD CPU ROM microcode patch loaderCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-56161ISC Podcast: https://isc.sans.edu/podcastdetail/9352CVE-2025-0912 - The Donations Widget plugin for WordPress is vulnerab…

Product: Microsoft Office

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24083

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24083

Product: Microsoft Windows Subsystem for Linux

CVSS Score: 8.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24084

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24084

Product: Microsoft Windows Cross Device Service

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24994

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24994

Product: Microsoft Kernel Streaming WOW Thunk Service Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24995

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24995

Product: Microsoft Visual Studio

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24998

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25003

ISC Diary: https://isc.sans.edu/diary/31756

NVD References:

- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24998

- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25003

CVE-2025-25008 - Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.

Product: Microsoft Windows

CVSS Score: 7.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25008

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25008

CVE-2025-26627 - Azure Arc is vulnerable to command injection, enabling an authorized attacker to locally elevate privileges.

Product: Microsoft Azure Arc

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26627

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26627

CVE-2025-26631 - Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Product: Microsoft Visual Studio Code

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26631

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26631

CVE-2025-26645 - Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Product: Microsoft Remote Desktop Client

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26645

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645

CVE-2024-56161 - AMD CPU ROM microcode patch loader has improper signature verification, allowing a local attacker to load malicious microcode, compromising the confidentiality and integrity of a confidential guest under AMD SEV-SNP.

Product: AMD CPU ROM microcode patch loader

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-56161

ISC Podcast: https://isc.sans.edu/podcastdetail/9352

CVE-2025-0912 - The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection, allowing unauthenticated attackers to achieve remote code execution.

Product: GiveWP

******Active Installations: 100,000

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0912

NVD References:

- https://github.com/impress-org/givewp/pull/7679/files

- https://plugins.trac.wordpress.org/changeset/3234114/give/trunk/src/Donations/Properties/BillingAddress.php

- https://plugins.trac.wordpress.org/changeset/3234114/give/trunk/src/Donations/Repositories/DonationRepository.php

- https://plugins.trac.wordpress.org/changeset/3234114/give/trunk/src/Donors/Repositories/DonorRepository.php

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3234114%40give&new=3234114%40give&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/8a8ae1b0-e9a0-4179-970b-dbcb0642547c?source=cve

CVE-2025-1661 - The HUSKY - Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to 1.3.6.5, allowing unauthenticated attackers to execute arbitrary files and potentially bypass access controls, access sensitive data, or achieve code execution.

Product: HUSKY Products Filter Professional

******Active Installations: 100,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1661

NVD References:

- https://plugins.trac.wordpress.org/browser/woocommerce-products-filter/trunk/ext/by_text/index.php

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3249621%40woocommerce-products-filter&new=3249621%40woocommerce-products-filter&sfp_email=&sfph_mail=

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3253169%40woocommerce-products-filter&new=3253169%40woocommerce-products-filter&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/9ae7b6fc-2120-4573-8b1b-d5422d435fa5?source=cve

CVE-2025-1307 - The Newscrunch theme for WordPress allows authenticated attackers to upload arbitrary files and potentially execute remote code due to a missing capability check in all versions up to 1.8.4.1.

Product: Spicethemes Newscrunch

Active Installations: 5,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1307

NVD References:

- https://themes.trac.wordpress.org/browser/newscrunch/1.8.3/functions.php#L486

- https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=261789%40newscrunch&new=261789%40newscrunch&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/b55567e9-24e6-4738-b7f7-b95b541e6067?source=cve

CVE-2025-1475 - The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to 1.7.5, allowing unauthenticated attackers to log in as any existing user if SMS login is enabled.

Product: WordPress WPCOM Member plugin

Active Installations: 2,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1475

NVD References:

- https://plugins.trac.wordpress.org/browser/wpcom-member/tags/1.7.1/includes/form-validation.php#L110

- https://plugins.trac.wordpress.org/changeset/3248208/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/05178bf3-3040-41aa-ba43-779376d30298?source=cve

CVE-2025-1515 - The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass due to insufficient identity verification, allowing unauthenticated attackers to log in as any user on the site, including administrators.

Product: WordPress WP Real Estate Manager

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1515

NVD References:

- https://themeforest.net/item/home-villa-real-estate-wordpress-theme/19446059

- https://www.wordfence.com/threat-intel/vulnerabilities/id/84f08111-d116-46f9-9765-28966e338753?source=cve

CVE-2024-12876 - The Golo - City Travel Guide WordPress Theme is vulnerable to privilege escalation through account takeover.

Product: Golo City Travel Guide WordPress Theme

Active Installations: Unknown. Update to version 1.6.11, or a newer patched version

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12876

NVD References:

- https://themeforest.net/item/golo-directory-listing-travel-wordpress-theme/25397810

- https://www.wordfence.com/threat-intel/vulnerabilities/id/e6cb81e5-61a4-4b67-a668-d8a7d46b2cea?source=cve

CVE-2025-0177 - The Javo Core plugin for WordPress is vulnerable to privilege escalation through account registration.

Product: Javo Core plugin for WordPress

Active Installations: unknown. Update to version 3.0.0.266, or a newer patched version

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0177

NVD References:

- https://themeforest.net/item/javo-directory-wordpress-theme/8390513#item-description__update-history

- https://www.wordfence.com/threat-intel/vulnerabilities/id/7d636768-37b4-4343-9028-30e7b1f997f2?source=cve

CVE-2024-11951 - The Homey Login Register plugin for WordPress is susceptible to privilege escalation through role manipulation.

Product: WordPress Homey Login Register plugin

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-11951

NVD References:

- https://themeforest.net/item/homey-booking-wordpress-theme/23338013

- https://www.wordfence.com/threat-intel/vulnerabilities/id/67c4066f-b8bc-4cd0-ae47-844af23e003f?source=cve

CVE-2024-12281 - The Homey theme for WordPress allows privilege escalation in versions up to 2.4.2 due to the ability for users to set their own roles, enabling unauthenticated attackers to gain elevated privileges.

Product: WordPress Homey theme

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12281

NVD References:

- https://themeforest.net/item/homey-booking-wordpress-theme/23338013

- https://www.wordfence.com/threat-intel/vulnerabilities/id/3b93c33c-4ab1-48a2-b84d-3cb38ccea829?source=cve

CVE-2025-1315 - The InWave Jobs plugin for WordPress is vulnerable to privilege escalation through password reset, allowing unauthenticated attackers to change any user's password and potentially gain access to their account.

Product: InWave Jobs plugin for WordPress

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1315

NVD References:

- https://themeforest.net/item/injob-job-board-wordpress-theme/20322987

- https://www.wordfence.com/threat-intel/vulnerabilities/id/e49c7b2a-5241-4762-b7c9-c33b1ac4a668?source=cve

CVE-2024-13787 - The VEDA - MultiPurpose WordPress Theme is vulnerable to PHP Object Injection, allowing authenticated attackers to inject a PHP Object with Subscriber-level access and above, potentially leading to malicious actions if a POP chain is present in the system.

Product: The VEDA MultiPurpose WordPress Theme

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13787

NVD References:

- https://themeforest.net/item/veda-multipurpose-theme/15860489

- https://www.wordfence.com/threat-intel/vulnerabilities/id/d0966138-b28b-4c03-a2cf-b51c5f478276?source=cve

CVE-2025-26916 - Massive Dynamic in EPC is vulnerable to PHP Remote File Inclusion from versions n/a through 8.2.

Product: EPC Massive Dynamic

Active Installations: unknown

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26916

NVD References: https://patchstack.com/database/wordpress/theme/massive-dynamic/vulnerability/wordpress-massive-dynamic-theme-8-2-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve

CVE-2025-26936 - Fresh Framework is vulnerable to Code Injection from versions n/a through 1.70.0.

Product: Fresh Framework

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26936

NVD References: https://patchstack.com/database/wordpress/plugin/fresh-framework/vulnerability/wordpress-fresh-framework-plugin-1-70-0-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve

CVE-2025-28915 - ThemeEgg ToolKit allows for unrestricted upload of dangerous file types, potentially enabling attackers to upload a web shell onto a web server.

Product: ThemeEgg ToolKit

Active Installations: This plugin has been closed as of February 26, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28915

NVD References: https://patchstack.com/database/wordpress/plugin/themeegg-toolkit/vulnerability/wordpress-themeegg-toolkit-plugin-1-2-9-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Microsoft Windows

CVSS Score: 7.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25008

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25008

Product: Microsoft Azure Arc

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26627

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26627

Product: Microsoft Visual Studio Code

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26631

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26631

Product: Microsoft Remote Desktop Client

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26645

ISC Diary: https://isc.sans.edu/diary/31756

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645

Product: AMD CPU ROM microcode patch loader

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-56161

ISC Podcast: https://isc.sans.edu/podcastdetail/9352

Product: GiveWP

******Active Installations: 100,000

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0912

NVD References:

- https://github.com/impress-org/givewp/pull/7679/files

- https://plugins.trac.wordpress.org/changeset/3234114/give/trunk/src/Donations/Properties/BillingAddress.php

- https://plugins.trac.wordpress.org/changeset/3234114/give/trunk/src/Donations/Repositories/DonationRepository.php

- https://plugins.trac.wordpress.org/changeset/3234114/give/trunk/src/Donors/Repositories/DonorRepository.php

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3234114%40give&new=3234114%40give&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/8a8ae1b0-e9a0-4179-970b-dbcb0642547c?source=cve

Product: HUSKY Products Filter Professional

******Active Installations: 100,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1661

NVD References:

- https://plugins.trac.wordpress.org/browser/woocommerce-products-filter/trunk/ext/by_text/index.php

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3249621%40woocommerce-products-filter&new=3249621%40woocommerce-products-filter&sfp_email=&sfph_mail=

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3253169%40woocommerce-products-filter&new=3253169%40woocommerce-products-filter&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/9ae7b6fc-2120-4573-8b1b-d5422d435fa5?source=cve

Product: Spicethemes Newscrunch

Active Installations: 5,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1307

NVD References:

- https://themes.trac.wordpress.org/browser/newscrunch/1.8.3/functions.php#L486

- https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=261789%40newscrunch&new=261789%40newscrunch&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/b55567e9-24e6-4738-b7f7-b95b541e6067?source=cve

Product: WordPress WPCOM Member plugin

Active Installations: 2,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1475

NVD References:

- https://plugins.trac.wordpress.org/browser/wpcom-member/tags/1.7.1/includes/form-validation.php#L110

- https://plugins.trac.wordpress.org/changeset/3248208/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/05178bf3-3040-41aa-ba43-779376d30298?source=cve

Product: WordPress WP Real Estate Manager

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1515

NVD References:

- https://themeforest.net/item/home-villa-real-estate-wordpress-theme/19446059

- https://www.wordfence.com/threat-intel/vulnerabilities/id/84f08111-d116-46f9-9765-28966e338753?source=cve

Product: Golo City Travel Guide WordPress Theme

Active Installations: Unknown. Update to version 1.6.11, or a newer patched version

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12876

NVD References:

- https://themeforest.net/item/golo-directory-listing-travel-wordpress-theme/25397810

- https://www.wordfence.com/threat-intel/vulnerabilities/id/e6cb81e5-61a4-4b67-a668-d8a7d46b2cea?source=cve

Product: Javo Core plugin for WordPress

Active Installations: unknown. Update to version 3.0.0.266, or a newer patched version

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0177

NVD References:

- https://themeforest.net/item/javo-directory-wordpress-theme/8390513#item-description__update-history

- https://www.wordfence.com/threat-intel/vulnerabilities/id/7d636768-37b4-4343-9028-30e7b1f997f2?source=cve

Product: WordPress Homey Login Register plugin

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-11951

NVD References:

- https://themeforest.net/item/homey-booking-wordpress-theme/23338013

- https://www.wordfence.com/threat-intel/vulnerabilities/id/67c4066f-b8bc-4cd0-ae47-844af23e003f?source=cve

Product: WordPress Homey theme

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12281

NVD References:

- https://themeforest.net/item/homey-booking-wordpress-theme/23338013

- https://www.wordfence.com/threat-intel/vulnerabilities/id/3b93c33c-4ab1-48a2-b84d-3cb38ccea829?source=cve

Product: InWave Jobs plugin for WordPress

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1315

NVD References:

- https://themeforest.net/item/injob-job-board-wordpress-theme/20322987

- https://www.wordfence.com/threat-intel/vulnerabilities/id/e49c7b2a-5241-4762-b7c9-c33b1ac4a668?source=cve

Product: The VEDA MultiPurpose WordPress Theme

Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13787

NVD References:

- https://themeforest.net/item/veda-multipurpose-theme/15860489

- https://www.wordfence.com/threat-intel/vulnerabilities/id/d0966138-b28b-4c03-a2cf-b51c5f478276?source=cve

Product: EPC Massive Dynamic

Active Installations: unknown

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26916

NVD References: https://patchstack.com/database/wordpress/theme/massive-dynamic/vulnerability/wordpress-massive-dynamic-theme-8-2-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve

Product: Fresh Framework

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26936

NVD References: https://patchstack.com/database/wordpress/plugin/fresh-framework/vulnerability/wordpress-fresh-framework-plugin-1-70-0-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve

Product: ThemeEgg ToolKit

Active Installations: This plugin has been closed as of February 26, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28915

NVD References: https://patchstack.com/database/wordpress/plugin/themeegg-toolkit/vulnerability/wordpress-themeegg-toolkit-plugin-1-2-9-arbitrary-file-upload-vulnerability?_s_id=cve