Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Archived Security Brief
This curated brief highlights 1 critical vulnerabilities and 39 high-priority updates requiring immediate attention.
40 total vulnerabilities disclosed in last 24 hours
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2025-5086
9.5
Dassault SystèmesDELMIA Apriso
β° Federal Deadline:October 1, 2025(4 days remaining)
Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-10585
9.5π
GoogleChromium V8
β° Federal Deadline:October 13, 2025(16 days remaining)
Google Chromium V8 Type Confusion Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2025-59936
9.4π
UnknownMultiple Products
get-jwks contains fetch utils for JWKS keys. In versions prior to 11.0.2, a vulnerability in get-jwks can lead to cache poisoning in the JWKS key-fetching mechanism. When the iss (issuer) claim is val...
CVSS Base9.4
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2025-11053
7.3π
SmallMultiple Products
A weakness has been identified in PHPGurukul Small CRM 4
CVSS Base7.3
β
CRSSelect profile
CVE-2025-7647
7.3π
TheMultiple Products
The llama-index-core package, up to version 0
CVSS Base7.3
β
CRSSelect profile
CVE-2025-9816
7.2π
WordPressMultiple Products
The WP Statistics β The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent Header in all versions up to, and including, 14
CVSS Base7.2
β
CRSSelect profile
CVE-2025-59939
8.8π
WebMultiple Products
WeGIA is a Web manager for charitable institutions
CVSS Base8.8
β
CRSSelect profile
CVE-2025-11091
8.8π
securityMultiple Products
A security flaw has been discovered in Tenda AC21 up to 16
CVSS Base8.8
β
CRSSelect profile
CVE-2025-11117
8.8π
wasMultiple Products
A vulnerability was determined in Tenda CH22 1
CVSS Base8.8
β
CRSSelect profile
CVE-2025-11120
8.8π
weaknessMultiple Products
A weakness has been identified in Tenda AC8 16
CVSS Base8.8
β
CRSSelect profile
CVE-2025-11122
8.8π
wasMultiple Products
A vulnerability was detected in Tenda AC18 15
CVSS Base8.8
β
CRSSelect profile
CVE-2025-11123
8.8π
flawMultiple Products
A flaw has been found in Tenda AC18 15
CVSS Base8.8
β
CRSSelect profile
CVE-2025-59932
8.6π
FlagMultiple Products
Flag Forge is a Capture The Flag (CTF) platform
CVSS Base8.6
β
CRSSelect profile
CVE-2025-59945
8.1π
SysReptorMultiple Products
SysReptor is a fully customizable pentest reporting platform
CVSS Base8.1
β
CRSSelect profile
CVE-2025-8014
7.5π
versionsMultiple Products
Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11
CVSS Base7.5
β
CRSSelect profile
CVE-2025-11052
7.3π
kidazeMultiple Products
A security flaw has been discovered in kidaze CourseSelectionSystem 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11055
7.3π
ReservationMultiple Products
A vulnerability was detected in SourceCodester Online Hotel Reservation System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11057
7.3π
ManagementMultiple Products
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11061
7.3
ManagementMultiple Products
A vulnerability was found in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11062
7.3
ManagementMultiple Products
A vulnerability was determined in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11063
7.3
ManagementMultiple Products
A vulnerability was identified in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11064
7.3
ManagementMultiple Products
A security flaw has been discovered in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11066
7.3
BiddingMultiple Products
A flaw has been found in code-projects Online Bidding System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11070
7.3
ShoppingMultiple Products
A vulnerability was identified in Projectworlds Online Shopping System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11074
7.3
MonitoringMultiple Products
A flaw has been found in code-projects Project Monitoring System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11075
7.3
ManagementMultiple Products
A vulnerability has been found in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11076
7.3
ManagementMultiple Products
A vulnerability was found in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11077
7.3
ManagementMultiple Products
A vulnerability was determined in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11089
7.3
wasMultiple Products
A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11094
7.3
CommerceMultiple Products
A security vulnerability has been detected in code-projects E-Commerce Website 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11101
7.3
JobMultiple Products
A security flaw has been discovered in itsourcecode Open Source Job Portal 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11102
7.3
ManagementMultiple Products
A weakness has been identified in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11105
7.3
SchedulingMultiple Products
A flaw has been found in code-projects Simple Scheduling System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11106
7.3
SchedulingMultiple Products
A vulnerability has been found in code-projects Simple Scheduling System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11107
7.3
SchedulingMultiple Products
A vulnerability was found in code-projects Simple Scheduling System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11108
7.3
SchedulingMultiple Products
A vulnerability was determined in code-projects Simple Scheduling System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11109
7.3
InventoryMultiple Products
A vulnerability was identified in Campcodes Computer Sales and Inventory System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11110
7.3
ManagementMultiple Products
A security flaw has been discovered in Campcodes Online Learning Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11111
7.3
ManagementMultiple Products
A weakness has been identified in Campcodes Advanced Online Voting Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11115
7.3
SchedulingMultiple Products
A vulnerability has been found in code-projects Simple Scheduling System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11116
7.3
SchedulingMultiple Products
A vulnerability was found in code-projects Simple Scheduling System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-11118
7.3
GradingMultiple Products
A vulnerability was identified in CodeAstro Student Grading System 1