Critical vulnerabilities, curated daily for security professionals
đ¯ SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
đ
Archived Security Brief
This brief includes 4 actively exploited vulnerabilities and 15 additional critical issues requiring immediate attention.
đ¨ High threat activity: 4 vulnerabilities under active exploitation
449 total vulnerabilities disclosed in last 24 hours
employee record management system in php and mysqlMultiple Products
employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint.
CVSS Base9.8
â
CRSSelect profile
CVE-2024-13786
9.8đ
The education theme for WordPress is vulnerable to PHP Object Injection in all versions upMultiple Products
The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.10 via deserialization of untrusted input in the 'themerex_callback_view_more_posts' f...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-4689
9.8đ
The Ads Pro PluginMultiple Products
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion which leads to Remote Code Execution in all versions up to, and including, 4...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-5746
9.8đ
The Drag and Drop Multiple File UploadMultiple Products
The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7_upload_chunks() functi...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-53529
9.8đ
WeGIA is a web manager for charitableMultiple Products
WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profile_funcionario.php endpoint. The id_funcionario parameter is not properl...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-47981
9.8đ
UnknownMultiple Products
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-49533
9.8đ
Adobe Experience ManagerMultiple Products
Adobe Experience Manager (MS) versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation o...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-27203
9.6đ
Adobe Connect versionsMultiple Products
Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does re...
CVSS Base9.6
â
CRSSelect profile
CVE-2025-53599
9.8
Whale browser for iOS beforeMultiple Products
Whale browser for iOS before 3.9.1.4206 allow an attacker to execute malicious scripts in the browser via a crafted javascript scheme.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-53484
9.8
UnknownMultiple Products
User-controlled inputs are improperly escaped in:
*
VotePage.php (poll option input)
*
ResultPage::getPagesTab() and getErrorsTab() (user-controllable page names)
This allow...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-20309
10đ
A vulnerability in Cisco Unified Communications ManagerMultiple Products
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacke...
CVSS Base10
â
CRSSelect profile
CVE-2025-37103
9.8
UnknownMultiple Products
Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal device authentication. Successful exploitation could allow a...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-42967
9.9đ
SAPMultiple Products
SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with user level privileges to create a new report with his own code potentially gain...
Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ...
CVSS Base9.8
â
CRSSelect profile
â ī¸
High Priority Updates
CVE-2025-36600
8.2
DellMultiple Products
Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component
CVSS Base8.2
â
CRSSelect profile
CVE-2025-47998
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-48824
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49657
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49663
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49668
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49669
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49670
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49672
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49673
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49674
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49676
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49729
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49753
8.8
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49688
8.8
DoubleMultiple Products
Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49723
8.8
MissingMultiple Products
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally
CVSS Base8.8
â
CRSSelect profile
CVE-2025-5692
8.8đ
WordPressMultiple Products
The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the doFieldAjaxAction() function in all versions up to, and including, 3
CVSS Base8.8
â
CRSSelect profile
CVE-2025-3848
8.8đ
WordPressMultiple Products
The Download Manager and Payment Form WordPress Plugin â WP SmartPay plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 1
CVSS Base8.8
â
CRSSelect profile
CVE-2025-5953
8.8đ
WordPressMultiple Products
The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajax_insert_employee() and update_empoyee() functions in versions 2
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49724
8.8
UseMultiple Products
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49695
8.4đ
MicrosoftMultiple Products
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally
CVSS Base8.4
â
CRSSelect profile
CVE-2025-49697
8.4
MicrosoftMultiple Products
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally
CVSS Base8.4
â
CRSSelect profile
CVE-2025-5014
8.8đ
WordPressMultiple Products
The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wp_rem_cs_widget_file_delete' function in all versions up to, and including, 2
CVSS Base8.8
â
CRSSelect profile
CVE-2025-6459
8.8đ
WordPressMultiple Products
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4
CVSS Base8.8
â
CRSSelect profile
CVE-2025-6463
8.8đ
WordPressMultiple Products
The Forminator Forms â Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'entry_delete_upload_files' function in all versions up to, and including, 1
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49713
8.8đ
MicrosoftMultiple Products
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-2932
8.8đ
WordPressMultiple Products
The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'font_upload_handler' function in all versions up to, and including, 1
CVSS Base8.8
â
CRSSelect profile
CVE-2025-7327
8.8đ
GoogleMultiple Products
The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1
CVSS Base8.8
â
CRSSelect profile
CVE-2025-6746
8.8đ
WordPressMultiple Products
The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49687
8.8
MicrosoftMultiple Products
Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49701
8.8đ
MicrosoftMultiple Products
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49704
8.8
MicrosoftMultiple Products
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-49740
8.8
ProtectionMultiple Products
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-48822
8.6
UnknownMultiple Products
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally
CVSS Base8.6
â
CRSSelect profile
CVE-2025-49696
8.4
MicrosoftMultiple Products
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally
CVSS Base8.4
â
CRSSelect profile
CVE-2025-4380
8.1đ
WordPressMultiple Products
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4
CVSS Base8.1
â
CRSSelect profile
CVE-2025-4946
8.1đ
WordPressMultiple Products
The Vikinger theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the vikinger_delete_activity_media_ajax() function in all versions up to, and including, 1
CVSS Base8.1
â
CRSSelect profile
CVE-2025-53547
8.5
KubernetesMultiple Products
Helm is a package manager for Charts for Kubernetes
CVSS Base8.5
â
CRSSelect profile
CVE-2025-24780
8.5
printcart PrintcartMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows SQL Injection
CVSS Base8.5
â
CRSSelect profile
CVE-2025-25268
8.8
unauthenticatedMultiple Products
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication
CVSS Base8.8
â
CRSSelect profile
CVE-2025-41666
8.8
lowMultiple Products
A low privileged remote attacker with file access can replace a critical file used by the watchdog to get read, write and execute access to any file on the device after the watchdog has been initialized
CVSS Base8.8
â
CRSSelect profile
CVE-2025-41667
8.8
lowMultiple Products
A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device
CVSS Base8.8
â
CRSSelect profile
CVE-2025-41668
8.8
lowMultiple Products
A low privileged remote attacker with file access can replace a critical file or folder used by the service security-profile to get read, write and execute access to any file on the device
CVSS Base8.8
â
CRSSelect profile
CVE-2025-48817
8.8
DesktopMultiple Products
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-24003
8.2
unauthenticatedMultiple Products
An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations
CVSS Base8.2
â
CRSSelect profile
CVE-2025-52828
8.8
designthemes Red ArtMultiple Products
Deserialization of Untrusted Data vulnerability in designthemes Red Art allows Object Injection
CVSS Base8.8
â
CRSSelect profile
CVE-2025-47986
8.8
UseMultiple Products
Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally
CVSS Base8.8
â
CRSSelect profile
CVE-2025-1708
8.6đ
applicationMultiple Products
The application is vulnerable to SQL injection attacks
CVSS Base8.6
â
CRSSelect profile
CVE-2025-24748
8.5
LambertGroup All InMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup All In One Slider Responsive allows SQL Injection
CVSS Base8.5
â
CRSSelect profile
CVE-2025-28967
8.5
Steve Truman ContactMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Steve Truman Contact Us page - Contact people LITE allows SQL Injection