CVE Brief - August 10, 2025

Sunday, August 10, 2025 Archive

Archived Security Snapshot

Critical vulnerabilities, curated daily for security professionals

🎯 SSCV Profile

See how vulnerabilities affect your specific environment

CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework

Select your system profile:

Risk scores will be adjusted based on your selected environment

Archived Security Brief

This curated brief highlights 2 critical vulnerabilities and 15 high-priority updates requiring immediate attention.

17 total vulnerabilities disclosed in last 24 hours

💡 Tip: Swipe CVE cards left to ⭐ star, right to ❌ remove

CISA Known Exploited Vulnerabilities

⚠️ CISA KEV URGENT

CVE-2025-2775

9.5

SysAid SysAid On-Prem July 21, 2025

⏰ Federal Deadline: August 11, 2025 (2 days remaining)

SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2025-2776

9.5

SysAid SysAid On-Prem July 21, 2025

⏰ Federal Deadline: August 11, 2025 (2 days remaining)

SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2025-6558

9.5 📝

Google Chromium July 21, 2025

⏰ Federal Deadline: August 11, 2025 (2 days remaining)

Google Chromium ANGLE and GPU Improper Input Validation Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV URGENT

CVE-2025-54309

9.5

CrushFTP CrushFTP July 21, 2025

⏰ Federal Deadline: August 11, 2025 (2 days remaining)

CrushFTP Unprotected Alternate Channel Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2023-2533

9.5

PaperCut NG/MF July 27, 2025

⏰ Federal Deadline: August 17, 2025 (8 days remaining)

PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2025-20337

9.5 📝

Cisco Identity Services Engine July 27, 2025

⏰ Federal Deadline: August 17, 2025 (8 days remaining)

Cisco Identity Services Engine Injection Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2025-20281

9.5

Cisco Identity Services Engine July 27, 2025

⏰ Federal Deadline: August 17, 2025 (8 days remaining)

Cisco Identity Services Engine Injection Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2020-25078

9.5

D-Link DCS-2530L and DCS-2670L Devices August 4, 2025

⏰ Federal Deadline: August 25, 2025 (16 days remaining)

D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2020-25079

9.5

D-Link DCS-2530L and DCS-2670L Devices August 4, 2025

⏰ Federal Deadline: August 25, 2025 (16 days remaining)

D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

⚠️ CISA KEV

CVE-2022-40799

9.5

D-Link DNR-322L August 4, 2025

⏰ Federal Deadline: August 25, 2025 (16 days remaining)

D-Link DNR-322L Download of Code Without Integrity Check Vulnerability - Active in CISA KEV catalog.

CVSS Base 9.5

→

CRS Select profile

Critical Vulnerabilities

CVE-2025-55013

10 📝

The Assemblyline Multiple Products Aug 9, 2025

The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client (task...

CVSS Base 10

→

CRS Select profile

CVE-2025-54997

9.1 📝

OpenBao exists to provide a software solution to Multiple Products Aug 9, 2025

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intention...

CVSS Base 9.1

→

CRS Select profile

High Priority Updates

CVE-2025-55008

7.1 📝

React Multiple Products August 10, 2025

The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router

CVSS Base 7.1

→

CRS Select profile

CVE-2025-8810

8.8 📝

classified Multiple Products August 10, 2025

A vulnerability classified as critical was found in Tenda AC20 16

CVSS Base 8.8

→

CRS Select profile

CVE-2025-8816

8.8 📝

Linksys Multiple Products August 10, 2025

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801

CVSS Base 8.8

→

CRS Select profile

CVE-2025-8817

8.8 📝

Linksys Multiple Products August 10, 2025

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801

CVSS Base 8.8

→

CRS Select profile

CVE-2025-8744

7.3 📝

classified Multiple Products August 10, 2025

A vulnerability classified as critical was found in CesiumLab Web up to 4

CVSS Base 7.3

→

CRS Select profile

CVE-2025-8752

7.3 📝

was Multiple Products August 10, 2025

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562

CVSS Base 7.3

→

CRS Select profile

CVE-2025-8773

7.3 📝

A Multiple Products August 10, 2025

A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform 甘肃省危险品库监控平台 1

CVSS Base 7.3

→

CRS Select profile

CVE-2025-8798

7.3 📝

was Multiple Products August 10, 2025

A vulnerability was found in oitcode samarium up to 0

CVSS Base 7.3

→

CRS Select profile

CVE-2025-8809

7.3 📝

Medicine Multiple Products August 10, 2025

A vulnerability classified as critical has been found in code-projects Online Medicine Guide 1

CVSS Base 7.3

→

CRS Select profile

CVE-2025-8811

7.3 📝

Art Multiple Products August 10, 2025

A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1

CVSS Base 7.3

→

CRS Select profile

CVE-2025-8815

7.3 📝

was Multiple Products August 10, 2025

A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e

CVSS Base 7.3

→

CRS Select profile

CVE-2025-54996

7.2 📝

OpenBao Multiple Products August 10, 2025

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys

CVSS Base 7.2

→

CRS Select profile

CVE-2025-55009

7.1 📝

AuthKit Multiple Products August 10, 2025

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix

CVSS Base 7.1

→

CRS Select profile

CVE-2025-8757

7 📝

was Multiple Products August 10, 2025

A vulnerability was found in TRENDnet TV-IP110WN 1

CVSS Base 7

→

CRS Select profile

CVE-2025-8758

7 📝

was Multiple Products August 10, 2025

A vulnerability was found in TRENDnet TEW-822DRE FW103B02

CVSS Base 7

→

CRS Select profile

CVE Brief Security Intelligence

Archived Security Snapshot

🎯 SSCV Profile

Archived Security Brief

CISA Known Exploited Vulnerabilities

CVE-2025-2775

CVE-2025-2776

CVE-2025-6558

CVE-2025-54309

CVE-2023-2533

CVE-2025-20337

CVE-2025-20281

CVE-2020-25078

CVE-2020-25079

CVE-2022-40799

Critical Vulnerabilities

CVE-2025-55013

CVE-2025-54997

High Priority Updates

CVE-2025-55008

CVE-2025-8810

CVE-2025-8816

CVE-2025-8817

CVE-2025-8744

CVE-2025-8752

CVE-2025-8773

CVE-2025-8798

CVE-2025-8809

CVE-2025-8811

CVE-2025-8815

CVE-2025-54996

CVE-2025-55009

CVE-2025-8757

CVE-2025-8758

⭐ Starred CVEs

Archived Security Snapshot

🎯 SSCV Profile

📊 Archived Security Brief

Section Navigation

⚠️ CISA Known Exploited Vulnerabilities

🚨 Critical Vulnerabilities

⚠️ High Priority Updates

⭐ Starred CVEs

Archived Security Brief

CISA Known Exploited Vulnerabilities

Critical Vulnerabilities

High Priority Updates