Critical vulnerabilities, curated daily for security professionals
đ¯ SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
đ
Archived Security Brief
This curated brief highlights 28 critical vulnerabilities and 35 high-priority updates requiring immediate attention.
64 total vulnerabilities disclosed in last 24 hours
đĄ Tip: Swipe CVE cards left to â star, right to â remove
Section Navigation
â ī¸
CISA Known Exploited Vulnerabilities
â ī¸ CISA KEVURGENT
CVE-2020-25078
9.5
D-LinkDCS-2530L and DCS-2670L Devices
â° Federal Deadline:August 25, 2025(1 days remaining)
D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2020-25079
9.5
D-LinkDCS-2530L and DCS-2670L Devices
â° Federal Deadline:August 25, 2025(1 days remaining)
D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2022-40799
9.5
D-LinkDNR-322L
â° Federal Deadline:August 25, 2025(1 days remaining)
D-Link DNR-322L Download of Code Without Integrity Check Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-8088
9.5
RARLABWinRAR
â° Federal Deadline:September 1, 2025(8 days remaining)
RARLAB WinRAR Path Traversal Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2007-0671
9.5
MicrosoftOffice
â° Federal Deadline:September 1, 2025(8 days remaining)
Microsoft Office Excel Remote Code Execution Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2013-3893
9.5
MicrosoftInternet Explorer
â° Federal Deadline:September 1, 2025(8 days remaining)
Microsoft Internet Explorer Resource Management Errors Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-54948
9.5đ
Trend MicroApex One
â° Federal Deadline:September 7, 2025(14 days remaining)
Trend Micro Apex One OS Command Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-43300
9.5đ
AppleiOS, iPadOS, and macOS
â° Federal Deadline:September 10, 2025(17 days remaining)
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-48384
9.5
GitGit
â° Federal Deadline:September 14, 2025(21 days remaining)
Git Link Following Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2024-8068
9.5
CitrixSession Recording
â° Federal Deadline:September 14, 2025(21 days remaining)
Citrix Session Recording Improper Privilege Management Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2024-8069
9.5
CitrixSession Recording
â° Federal Deadline:September 14, 2025(21 days remaining)
Citrix Session Recording Deserialization of Untrusted Data Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
đ¨
Critical Vulnerabilities
CVE-2025-50722
9.8đ
Insecure Permissions vulnerability in sparkshopMultiple Products
Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component
CVSS Base9.8
â
CRSSelect profile
CVE-2025-48005
9.8đ
AMultiple Products
A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted RHS2000 file can lead to ...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-53511
9.8đ
AMultiple Products
A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitr...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-53557
9.8đ
AMultiple Products
A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitr...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-53853
9.8đ
AMultiple Products
A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ISHNE ECG annotations file ...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54462
9.8đ
AMultiple Products
A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to arbitra...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54480
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54481
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54482
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54483
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54484
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54485
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54486
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54487
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54488
9.8đ
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54489
9.8
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54490
9.8
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54491
9.8
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54492
9.8
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54493
9.8
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-54494
9.8
AMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-29515
9.8
Incorrect access control in theMultiple Products
Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modify arbitrary settings within the device's XML database, incl...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-52581
9.8
An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosigMultiple Products
An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted GDF file can lead to arbitrary code ex...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-53518
9.8
An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosigMultiple Products
An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ABF file can lead to arbitrary code ex...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-45968
9.8
An issue in System PDVMultiple Products
An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference (IDOR) vulnerability,...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-53120
9.4
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to theMultiple Products
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the serverâs configuration and web root directories, achieving remote ...
CVSS Base9.4
â
CRSSelect profile
CVE-2025-53118
9.8
An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backupMultiple Products
An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backup functions, leading to compromise of passwords, secrets, and application session t...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-29514
9.8
Incorrect access control in theMultiple Products
Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request...
CVSS Base9.8
â
CRSSelect profile
â ī¸
High Priority Updates
CVE-2025-46411
8.1đ
ProjectMultiple Products
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3
CVSS Base8.1
â
CRSSelect profile
CVE-2025-5302
8.6đ
denialMultiple Products
A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0
CVSS Base8.6
â
CRSSelect profile
CVE-2025-56216
8.5đ
ManagementMultiple Products
phpgurukul Hospital Management System 4
CVSS Base8.5
â
CRSSelect profile
CVE-2025-52461
8.2đ
ProjectMultiple Products
An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3
CVSS Base8.2
â
CRSSelect profile
CVE-2025-26467
8.8đ
Apache PrivilegeMultiple Products
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra
CVSS Base8.8
â
CRSSelect profile
CVE-2025-6737
7.2đ
VendorMultiple Products
Securdenâs Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants
CVSS Base7.2
â
CRSSelect profile
CVE-2025-9392
8.8đ
LinksysMultiple Products
A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1
CVSS Base8.8
â
CRSSelect profile
CVE-2025-9393
8.8đ
LinksysMultiple Products
A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1
CVSS Base8.8
â
CRSSelect profile
CVE-2025-32468
8.8đ
memoryMultiple Products
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-35984
8.8đ
memoryMultiple Products
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-46407
8.8đ
memoryMultiple Products
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-50129
8.8đ
memoryMultiple Products
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-52456
8.8đ
memoryMultiple Products
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-52930
8.8đ
memoryMultiple Products
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-53085
8.8đ
memoryMultiple Products
A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-53510
8.8
memoryMultiple Products
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0
CVSS Base8.8
â
CRSSelect profile
CVE-2025-55409
8.8
FoxCMSMultiple Products
FoxCMS 1
CVSS Base8.8
â
CRSSelect profile
CVE-2025-57760
8.8
LangflowMultiple Products
Langflow is a tool for building and deploying AI-powered agents and workflows
CVSS Base8.8
â
CRSSelect profile
CVE-2025-43960
8.6
AdminerMultiple Products
Adminer 4
CVSS Base8.6
â
CRSSelect profile
CVE-2025-36174
8đ
IBMMultiple Products
IBM Integrated Analytics System 1
CVSS Base8
â
CRSSelect profile
CVE-2025-9380
7.8đ
CCTVMultiple Products
A vulnerability was identified in FNKvision Y215 CCTV Camera 10
CVSS Base7.8
â
CRSSelect profile
CVE-2023-47799
7.5
MaharaMultiple Products
Mahara before 22
CVSS Base7.5
â
CRSSelect profile
CVE-2025-53119
7.5
theMultiple Products
An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server
CVSS Base7.5
â
CRSSelect profile
CVE-2025-6188
7.5
sourceMultiple Products
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS
CVSS Base7.5
â
CRSSelect profile
CVE-2025-9418
7.3
ManagementMultiple Products
A security vulnerability has been detected in itsourcecode Apartment Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-9419
7.3
ManagementMultiple Products
A vulnerability was detected in itsourcecode Apartment Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-9420
7.3
ManagementMultiple Products
A flaw has been found in itsourcecode Apartment Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-9421
7.3
ManagementMultiple Products
A vulnerability has been found in itsourcecode Apartment Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-9423
7.3
BillingMultiple Products
A vulnerability was determined in Campcodes Online Water Billing System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-9425
7.3
ManagementMultiple Products
A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-9426
7.3
ManagementMultiple Products
A weakness has been identified in itsourcecode Online Tour and Travel Management System 1