SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
New Variant of Crypto Confidence Scam
Published: 2025-05-21
Last Updated: 2025-05-21 15:26:09 UTC
by Johannes Ullrich (Version: 1)
In February, we had a few diaries about crypto wallet scams. We saw these scams use YouTube comments, but they happened via other platforms and messaging systems, not just YouTube. The scam was a bit convoluted: The scammer posted the secret key to their crypto wallet. Usually, this would put their crypto wallet at risk of being emptied. But the wallet they used came with a twist: A second key was required. The scammer counted on the victim paying the transaction fee, which the scammer would receive, before attempting to withdraw the funds.
This is a classic "confidence scheme" or "advance fee" scheme. The victim believes they are scamming the attacker out of their money. Instead, they are being robbed. These types of scams are amazingly successful in real life and online. They rely on greedy victims attempting to get something for free (or cheap).
I recently started seeing a new variation of this scam, this time mostly via X direct messages ...
Read the full entry: https://isc.sans.edu/diary/New+Variant+of+Crypto+Confidence+Scam/31968/
Researchers Scanning the Internet
Published: 2025-05-20
Last Updated: 2025-05-20 13:59:12 UTC
by Johannes Ullrich (Version: 1)
We have been using our data to identify researchers scanning the internet for a few years. Currently, we are tracking 36 groups performing such scans, and our data feed of the IP addresses used contains around 33k addresses.
Of course, no clear definition of when a scan is inappropriate exists. Some consider any scan performed nationally and without permission to be unethical. Others have a higher bar, for example, considering scans appropriate if they do not exploit vulnerabilities or cause damage. Legal frameworks vary around the world.
Earlier today, Caleb reminded me of RFC 9511, which I believe offers some good ideas and should be considered if you plan to perform an internet-wide scan. The RFC is entitled "Attribution of Internet Probes." It gets to one of the main issues: Identify yourself if you are performing these scans. This way, if you are causing problems, targets can contact you. This should be a minimum requirement to limit unintentional damage.
Can a simple "scan" cause damage? Of course, it can! We had plenty of examples of such scans causing problems. My favorite example is an old Cisco bug that caused routers to crash if they were scanned with empty UDP packets.
RFC9511 suggests adding a URL to your probe packets and a probe description file at "/.well-known/probing.txt." The IP address the probe originates from should reverse resolve to a hostname, and the probe description file can be found at that hostname. Alternatively, the host the probe originates from should run a web server offering the file. Or the probe description URL should be included as a payload.
For web-based scanning, I see many scanners adding a URL to the user-agent header, which I think fulfills what RFC 9511 is attempting to achieve ...
Read the full entry: https://isc.sans.edu/diary/Researchers+Scanning+the+Internet/31964/
Web Scanning SonicWall for CVE-2021-20016 - Update
Published: 2025-05-14
Last Updated: 2025-05-15 01:23:29 UTC
by Guy Bruneau (Version: 1)
I published on the 29 Apr 2025 a diary on scanning activity looking for SonicWall and since this publication this activity has grown 10-fold. Over the past 14 days, several BACS students have reported activity related to SonicWall scans all related for the same 2 URLs previously mentioned in my last diary. My own DShield sensor was probed by 25 separate IPs during those last 14 days. The three most active IPs were all from the same subnet ...
Read the full entry: https://isc.sans.edu/diary/Web+Scanning+SonicWall+for+CVE202120016+Update/31952/
RAT Dropped By Two Layers of AutoIT Code (2025.05.19)
https://isc.sans.edu/diary/RAT+Dropped+By+Two+Layers+of+AutoIT+Code/31960/
xorsearch.py: Python Functions (2025.05.17)
https://isc.sans.edu/diary/xorsearchpy+Python+Functions/31858/
Microsoft Patch Tuesday: May 2025 (2025.05.13)
https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+May+2025/31946/
Apple Updates Everything: May 2025 Edition (2025.05.12)
https://isc.sans.edu/diary/Apple+Updates+Everything+May+2025+Edition/31942/
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
Product: Multiple Fortinet products
CVSS Score: 9.8
** KEV since 2025-05-14 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32756
ISC Podcast: https://isc.sans.edu/podcastdetail/9450
NVD References: https://fortiguard.fortinet.com/psirt/FG-IR-25-254
Product: Sonicwall SMA_500V
CVSS Score: 0
** KEV since 2021-11-03 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-20016
ISC Podcast: https://isc.sans.edu/podcastdetail/9454
Product: Sap NetWeaver
CVSS Score: 9.1
** KEV since 2025-05-15 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-42999
NVD References:
- https://me.sap.com/notes/3604119
- https://url.sap/sapsecuritypatchday
- https://onapsis.com/blog/active-exploitation-of-sap-vulnerability-cve-2025-31324/
Product: Ivanti Endpoint Manager Mobile
CVSS Score: 7.2
** KEV since 2025-05-19 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4428
ISC Podcast: https://isc.sans.edu/podcastdetail/9450
NVD References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM
Product: Ivanti Endpoint Manager Mobile
CVSS Score: 5.3
** KEV since 2025-05-19 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4427
ISC Podcast: https://isc.sans.edu/podcastdetail/9450
NVD References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM
Product: Google Chrome
CVSS Score: 4.3
** KEV since 2025-05-15 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4664
ISC Podcast: https://isc.sans.edu/podcastdetail/9454
NVD References:
- https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html
Product: Microsoft Windows 10 1507
CVSS Score: 7.5
** KEV since 2025-05-13 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30397
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30397
Product: Microsoft Windows 10 1809
CVSS Score: 7.8
** KEV since 2025-05-13 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30400
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30400
Product: Microsoft Windows 10 1507
CVSS Score: 7.8
** KEV since 2025-05-13 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32701
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32701
Product: Microsoft Windows 10 1507
CVSS Score: 7.8
** KEV since 2025-05-13 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32706
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32706
Product: Microsoft Windows 10 1507
CVSS Score: 7.8
** KEV since 2025-05-13 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32709
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32709
Product: Kashipara Billing Software v1.0
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49641
NVD References:
Product: Samsung MagicINFO 9 Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4632
NVD References: https://security.samsungtv.com/securityUpdates#SVP-MAY-2025
Product: OZW OZW672 and OZW772
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26389
NVD References: https://cert-portal.siemens.com/productcert/html/ssa-047424.html
Product: OZW OZW672 and OZW772
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26390
NVD References: https://cert-portal.siemens.com/productcert/html/ssa-047424.html
Product: Siemens RUGGEDCOM
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32469
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-33024
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-33025
NVD References: https://cert-portal.siemens.com/productcert/html/ssa-301229.html
Product: EngineerCMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44831
NVD References: https://github.com/3xxx/engineercms/issues/91
Product: NetAlertX 23.01.14 through 24.x before 24.10.12CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-46506NVD References: - https://rhinosecuritylabs.com/research/cve-2024-46506-rce-in-netalertx/- https://rhinosecuritylabs.com/research/cve-2024-46506-rce-in-netalertx/CVE-2025-22462 - Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2, and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated attacker to gain administrative access to the system through an authentication bypass.Product: Ivanti Neurons for ITSMCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22462NVD References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-on-premises-only-CVE-2025-22462CVE-2025-28056 - rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component.Product: rebuild v3.9.0CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28056NVD References: - https://gist.github.com/LTLTLXEY/c34dc785fc24f4cbb026e2ef3d7660c4- https://github.com/getrebuild/rebuild/issues/866CVE-2025-45857 - EDIMAX CV7428NS v1.20 is vulnerable to remote code execution (RCE) through the command parameter in the mp function.Product: EDIMAX CV7428NSCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45857NVD References: - https://github.com/Jiangxiazhe/IOT_hack/blob/main/EDIMAX/CV7428NS/1.md- https://www.edimax.com/CVE-2025-45858 - TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function.Product: TOTOLINK A3002RCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45858NVD References: - https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/injection1.md- https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/258/ids/36.htmlCVE-2025-45861, CVE-2025-45865, CVE-2025-45863 - TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple buffer overflow vulnerabilities.Product: Totolink A3002RCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45861NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45865NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45863NVD References: - https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/3/overflow.md- https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/6/overflow.md- https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/5/overflow.md- https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/258/ids/36.htmlCVE-2025-30387 - Azure vulnerability allows unauthorized attackers to elevate privileges through improper limitation of pathnames.Product: Microsoft Azure AI Document Intelligence StudioCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30387NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30387CVE-2025-4660 - SecureConnector for Windows is vulnerable to remote code execution due to improper access controls on a named pipe, allowing any network-based attacker to connect without authentication and issue commands via the SecureConnector Agent.Product: Forescout SecureConnectorCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4660NVD References: https://forescout.my.site.com/support/s/article/CVE-2025-45746 - ZKT ZKBio CVSecurity 6.4.1_R allows unauthenticated attackers to create JWT tokens with a hardcoded secret for unauthorized access to the service console.Product: ZKT ZKBio CVSecurityCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45746NVD References: - http://zkbio.com- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2025-45746.mdCVE-2025-43559 & CVE-2025-43560 - ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are vulnerable to Improper Input Validation issues allowing for arbitrary code execution by a high-privileged attacker without user interaction.Product: Adobe ColdFusionCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43559NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43560NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb25-52.htmlCVE-2025-43561 - ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability allowing high-privileged attackers to execute arbitrary code without user interaction.Product: Adobe ColdFusionCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43561NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb25-52.htmlCVE-2025-43562 - ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an OS Command Injection vulnerability allowing arbitrary code execution by high-privileged attackers.Product: Adobe ColdFusionCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43562NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb25-52.htmlCVE-2025-43563 & CVE-2025-43564 - ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are vulnerable to Improper …
Product: Ivanti Neurons for ITSM
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22462
NVD References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-on-premises-only-CVE-2025-22462
Product: rebuild v3.9.0
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28056
NVD References:
- https://gist.github.com/LTLTLXEY/c34dc785fc24f4cbb026e2ef3d7660c4
Product: EDIMAX CV7428NS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45857
NVD References:
- https://github.com/Jiangxiazhe/IOT_hack/blob/main/EDIMAX/CV7428NS/1.md
Product: TOTOLINK A3002R
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45858
NVD References:
- https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/injection1.md
- https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/258/ids/36.html
Product: Totolink A3002R
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45861
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45865
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45863
NVD References:
- https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/3/overflow.md
- https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/6/overflow.md
- https://github.com/Jiangxiazhe/IOT_hack/blob/main/TOTOLINK/A3002R/5/overflow.md
- https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/258/ids/36.html
Product: Microsoft Azure AI Document Intelligence Studio
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30387
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30387
Product: Forescout SecureConnector
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4660
NVD References: https://forescout.my.site.com/support/s/article/
Product: ZKT ZKBio CVSecurity
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45746
NVD References:
- https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2025-45746.md
Product: Adobe ColdFusion
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43559
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43560
NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html
Product: Adobe ColdFusion
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43561
NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html
Product: Adobe ColdFusion
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43562
NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html
Product: Adobe ColdFusion
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43563
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43564
NVD References: https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html
Product: Adobe Connect
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43567
NVD References: https://helpx.adobe.com/security/products/connect/apsb25-36.html
Product: Apache IoTDB
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24780
NVD References:
- https://lists.apache.org/thread/xphtm98v3zsk9vlpfh481m1ry2ctxvmj
Product: 5ire client
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47777
NVD References:
- https://github.com/nanbingxyz/5ire/security/advisories/GHSA-mr8w-mmvv-6hq8
Product: Rallly
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47781
NVD References: https://github.com/lukevella/rallly/security/advisories/GHSA-gm8g-3r3j-48hv
Product: mediDOK
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32363
NVD References:
- https://medidok.de/aktuelles-neuigkeiten/
- https://medidok.de/neueversionen/update-medidok-2-5-18-43-verfugbar/
Product: Samsung Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27891
NVD References:
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27891/
Product: Jenkins OpenID Connect Provider Plugin
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47884
NVD References: https://www.jenkins.io/security/advisory/2025-05-14/#SECURITY-3574
Product: Jenkins WSO2 OAuth Plugin
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47889
NVD References: https://www.jenkins.io/security/advisory/2025-05-14/#SECURITY-3481
Product: I-O DATA HDL-T Series
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32002
NVD References:
Product: WebERP v4.15.2
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46052
NVD References:
- https://github.com/johnchd/CVEs/blob/main/WebERP/CVE-2025-46052%20-%20SQLi.md
- https://github.com/johnchd/CVEs/blob/main/WebERP/CVE-2025-46052%20-%20SQLi.md
Product: Spotipy Spotify Web API
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47928
NVD References:
- https://github.com/spotipy-dev/spotipy/commit/4f5759dbfb4506c7b6280572a4db1aabc1ac778d
- https://github.com/spotipy-dev/spotipy/commit/9dfb7177b8d7bb98a5a6014f8e6436812a47576f
- https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-h25v-8c87-rvm8
Product: Auth0-PHP
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47275
NVD References:
- https://github.com/auth0/auth0-PHP/security/advisories/GHSA-g98g-r7gf-2r25
- https://github.com/auth0/laravel-auth0/security/advisories/GHSA-9fwj-9mjf-rhj3
- https://github.com/auth0/symfony/security/advisories/GHSA-9wg9-93h9-j8ch
- https://github.com/auth0/wordpress/security/advisories/GHSA-2f4r-34m4-3w8q
Product: Invision Community 5.0.0
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47916
NVD References:
- https://invisioncommunity.com/release-notes-v5/507-r41/
Product: BSON::XS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-40906
NVD References:
- https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html
- https://www.mongodb.com/community/forums/t/mongodb-perl-driver-end-of-life/7890
Product: RAG RAGFlow
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48187
NVD References:
Product: Donetick open-source app
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47945
NVD References:
- https://github.com/donetick/donetick/commit/620b897bc0135f6668bb8a5562678104531108eb
- https://github.com/donetick/donetick/commit/b9a6e177eefdc605dedbc5320f0d93d6573d1db6
- https://github.com/donetick/donetick/security/advisories/GHSA-hjjg-vw4j-986x
Product: Netgear DGND3700
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4978
NVD References:
- https://github.com/at0de/my_vulns/blob/main/Netgear/DGND3700v2/backdoor.md
Product: Not enough information provided to determine the vendor and product name.
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48017
NVD References: https://selinc.com/products/software/latest-software-versions/
Product: Langroid TableChatAgent
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46724
NVD References:
- https://github.com/langroid/langroid/commit/0d9e4a7bb3ae2eef8d38f2e970ff916599a2b2a6
- https://github.com/langroid/langroid/security/advisories/GHSA-jqq5-wc57-f8hj
Product: vLLM PyNcclPipe
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47277
NVD References:
- https://docs.vllm.ai/en/latest/deployment/security.html
- https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv
Product: OpenPGP.js OpenPGP protocol
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47934
ISC Podcast: https://isc.sans.edu/podcastdetail/9460
NVD References: https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-8qff-qr5q-5pr8
Product: WordPress 百度站长SEO合集
Active Installations: 1,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-3917
NVD References:
- https://plugins.trac.wordpress.org/browser/baiduseo/tags/2.0.6/inc/index/youhua.php#L371
Product: TicketBAI Facturas para WooCommerce plugin
Active Installations: This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4564
NVD References:
- https://plugins.trac.wordpress.org/browser/wp-ticketbai/trunk/wp-ticketbai.php#L240
Product: WordPress Push Notification for Post and BuddyPress Plugin
Active Installations: 200+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6159
NVD References: https://wpscan.com/vulnerability/de20ebda-b0bc-489e-a8d3-e9487a2b48e8/
Product: WordPress Boost plugin
Active Installations: 300,000+
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6584
NVD References: https://wpscan.com/vulnerability/eaa57c8c-1cac-4903-9763-79f7f84469fa/
Product: mojoomla WPGYM
Active Installations: Unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32643
NVD References: https://patchstack.com/database/wordpress/plugin/gym-management/vulnerability/wordpress-wpgym-plugin-65-0-sql-injection-vulnerability?_s_id=cve
Product: mojoomla WPAMS
Active Installations: Unknown
CVSS Score: 9.8
Product: mojoomla WPAMS
Active Installations: Unknown
CVSS Score: 9.3
Product: mojoomla WPAMS
Active Installations: Unknown
CVSS Scores: 9.9 - 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39401
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39402
NVD References:
Product: Mojoomla Hospital Management System
Active Installations: Unknown
CVSS Score: 10.0
Product: Mojoomla Hospital Management System
Active Installations: Unknown
CVSS Score: 9.3
Product: imithemes Eventer
Active Installations: Unknown
CVSS Score: 9.3
Product: Crawlomatic Multipage Scraper Post Generator plugin for WordPress
Active Installations: Unknown. Update to version 2.6.8.2, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4389
NVD References:
Product: Echo RSS Feed Post Generator plugin for WordPress
Active Installations: Unbeknown. Update to version 5.4.8.2, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4391
NVD References:
- https://codecanyon.net/item/echo-rss-feed-post-generator-plugin-for-wordpress/19486974
Product: dkszone Eximius
Active Installations: Unknown
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26872
NVD References: https://patchstack.com/database/wordpress/theme/eximius/vulnerability/wordpress-eximius-theme-2-2-arbitrary-file-upload-vulnerability?_s_id=cve
Product: dkszone Celestial Aura
Active Installations: Unknown
CVSS Score: 9.9
Product: QuantumCloud WPBot Pro WordPress Chatbot
Active Installations: Unknown
CVSS Score: 9.8
Product: themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon
Active Installations: Unknown
CVSS Score: 9.8
Product: highwarden Super Store Finder
Active Installations: Unknown
CVSS Score: 9.3
Product: TemplateInvaders TI WooCommerce Wishlist
Active Installations: 100,000+
CVSS Score: 10.0
Product: Elbisnero WordPress Events Calendar Registration & Tickets
Active Installations: Unknown
CVSS Score: 9.8
Product: ThemeGoods Grand Restaurant WordPress
Active Installations: Unknown
CVSS Score: 9.8
Product: ThemeGoods Grand Restaurant WordPress
Active Installations: Unknown
CVSS Score: 9.8
Product: Chimpstudio FoodBakery
Active Installations: Unknown
CVSS Score: 9.8
Product: ThemeGoods Altair
Active Installations: Unknown
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32928
NVD References: https://patchstack.com/database/wordpress/theme/altair/vulnerability/wordpress-altair-theme-5-2-2-php-object-injection-vulnerability?_s_id=cve
Product: Potenzaglobalsolutions CiyaShop
Active Installations: Unknown
CVSS Score: 9.8
Product: ThemeGoods Grand Conference
Active Installations: Unknown
CVSS Score: 9.8
Product: Chimpstudio Foodbakery Sticky Cart
Active Installations: Unknown
CVSS Score: 9.8
Product: Solid Plugins AnalyticsWP
Active Installations: unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39389
NVD References: https://patchstack.com/database/wordpress/plugin/analyticswp/vulnerability/wordpress-analyticswp-2-1-2-sql-injection-vulnerability?_s_id=cve
Product: Danny Vink User Profile Meta Manager
Active Installations: This plugin has been closed as of April 24, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
Product: WordPress Motors theme
Active Installations: Unknown. Update to version 5.6.68, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4322
NVD References:
- http://themeforest.net/item/motors-car-dealership-wordpress-theme/13987211
The following vulnerability needs a manual review:
Product: Chromium/Google Chrome
CVSS Score: N/A
NVD: N/A
NVD References:
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-4609
- https://www.securityweek.com/chrome-136-update-patches-vulnerability-with-exploit-in-the-wild/
- https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-4609
Getting Started with DevSecOps | Align your security and development teams to improve code security with this new playbook. Embedding security into your DevOps and development processes isn’t just a nice-to-have anymore—it's essential for building secure applications and infrastructure for the cloud. Get the playbook
Webcast | The Future of Cloud Security Starts with Runtime | May 29, 1:00 ET Modern cloud attacks are fast, stealthy, and constantly evolving—can your security strategy keep up? Join us for an eye-opening session that explores why traditional security tools are falling short and how runtime visibility is becoming a critical pillar of modern cloud defense. Save your seat today:
Webcast | SANS First Look: Leveraging Dropzone AI to Handle Tier 1 Alert Triage | June 18, 1:00 ET SANS Instructor Mark Jeanmougin will examine how Dropzone AI can integrate into existing security stacks, support analyst development, and help SOC teams stay focused on high-impact decisions. We’ll explore how Dropzone AI functions as a virtual Tier 1 analyst, helping your team automate alert triage, cut through the noise, and escalate only what truly matters.
Webcast | Rethinking Oversharing Risk and Knowledge Segmentation in the Age of AI, June 3 at noon ET Join this webcast to explore how Knostic is redefining access and identity management for the AI era with a knowledge-centric approach that emphasizes not just who has access, but who needs access. Discover how their innovative methodology—grounded in need-to-know principles, role-based knowledge segmentation, and intent-aware access policies—creates an intelligent, scalable framework for controlling AI-generated knowledge sharing. Save your seat today: