Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Archived Security Brief
Saturday's vulnerability landscape demonstrates significant moderation with 6 critical vulnerabilities (50% decrease from yesterday's 12), including two maximum severity CVSS 10.0 issues affecting unknown systems and Grafana Enterprise SCIM provisioning. High-priority CVEs remained unchanged at 44, while nine actively exploited CISA KEV vulnerabilities continue to require priority weekend remediation. The disclosure environment features two CVSS 10.0 vulnerabilities and four CVSS 9.8/9.1 vulnerabilities enabling unauthenticated remote code execution and authentication bypass attacks. Patch availability improved to 24% from yesterday's 17%, enabling more direct remediation heading into the weekend.
Critical CVE count decreased 50% from 12 to 6 vulnerabilities, indicating significantly reduced weekend disclosure activity
Two CVSS 10.0 vulnerabilities require immediate weekend assessment: CVE-2025-65108 (unknown vendor) and CVE-2025-41115 (Grafana Enterprise SCIM provisioning)
High-priority vulnerabilities unchanged at 44 CVEs, maintaining consistent disclosure levels from yesterday
Patch availability improved to 24% (up from 17%), enabling direct weekend remediation for nearly one-quarter of new vulnerabilities
Nine actively exploited CISA KEV vulnerabilities remain unchanged, requiring priority weekend remediation before Monday operations resume
Immediate action: WEEKEND PRIORITY ACTION: Security teams must immediately assess CVE-2025-65108 and CVE-2025-41115 (both CVSS 10.0) to determine environmental presence and impact despite vendor uncertainty. Priority weekend patching should address the three CVSS 9.8 unauthenticated remote code execution vulnerabilities, particularly CVE-2025-11456 (WordPress HelpDesk), CVE-2025-11127 (WordPress Mobile App plugin), and CVE-2025-64310 (EPSON projector products) where weekend vendor patch deployment may be feasible. With 24% patch availability (7% improvement), organizations should leverage weekend maintenance windows for direct remediation where possible. The nine actively exploited CISA KEV vulnerabilities require continued weekend focus, with network segmentation, administrative access restrictions, and Web Application Firewall deployment as compensating controls for the remaining 76% unpatched vulnerabilities until vendors release updates.
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2025-58034
9.5π
FortinetFortiWeb
β° Federal Deadline:November 24, 2025(3 days remaining)
Fortinet FortiWeb OS Command Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-48703
9.5π
CWPControl Web Panel
β° Federal Deadline:November 24, 2025(3 days remaining)
CWP Control Web Panel OS Command Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-11371
9.5
GladinetCentreStack and Triofox
β° Federal Deadline:November 24, 2025(3 days remaining)
Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-21042
9.5
SamsungMobile Devices
β° Federal Deadline:November 30, 2025(9 days remaining)
Samsung Mobile Devices Out-of-Bounds Write Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-12480
9.5π
GladinetTriofox
β° Federal Deadline:December 2, 2025(11 days remaining)
Gladinet Triofox Improper Access Control Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-62215
9.5
MicrosoftWindows
β° Federal Deadline:December 2, 2025(11 days remaining)
Microsoft Windows Race Condition Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-9242
9.5
WatchGuardFirebox
β° Federal Deadline:December 2, 2025(11 days remaining)
WatchGuard Firebox Out-of-Bounds Write Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-13223
9.5π
GoogleChromium V8
β° Federal Deadline:December 9, 2025(18 days remaining)
Google Chromium V8 Type Confusion Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-61757
9.5π
OracleFusion Middleware
β° Federal Deadline:December 11, 2025(20 days remaining)
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2025-65108
10π
UnknownMultiple Products
md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prior to version 5.2.5, a Markdown front-matter block that contains JavaScript delimiter causes the JS engine in gray-matter library to execute arbitrary code in the Markdown to PDF converter process of md-to-pdf library, resulting in remote code execution. This issue has been patched in version 5.2.5.
CVSS Base10
β
CRSSelect profile
CVE-2025-11456
9.8π
The ELEX WordPress HelpDeskMultiple Products
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the eh_crm_new_ticket_post() function in all versions up to, and including, 3.3.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVSS Base9.8
β
CRSSelect profile
CVE-2025-41115
10π
SCIM provisioning wasΒ introducedΒ in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycleMultiple Products
SCIM provisioning wasΒ introducedΒ in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management.
In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation.
This vulnerability applies only ifΒ allΒ of the following conditions are met:
- `enableSCIM`Β feature flag set to true
- `user_sync_enabled`Β config option in theΒ `[auth.scim]`Β block set to true
CVSS Base10
β
CRSSelect profile
CVE-2025-11127
9.8π
The Mstoreapp Mobile App WordPress plugin throughMultiple Products
The Mstoreapp Mobile App WordPress plugin through 2.08 and Mstoreapp Mobile Multivendor through 9.0.1 do not properly verify users identify when using an AJAX action, allowing unauthenticated users to retrieve a valid session for arbitrary users by knowing their email address.
CVSS Base9.8
β
CRSSelect profile
CVE-2025-64767
9.1π
UnknownMultiple Products
hpke-js is a Hybrid Public Key Encryption (HPKE) module built on top of Web Cryptography API. Prior to version 1.7.5, the public SenderContext Seal() API has a race condition which allows for the same AEAD nonce to be re-used for multiple Seal() calls. This can lead to complete loss of Confidentiality and Integrity of the produced messages. This issue has been patched in version 1.7.5.
CVSS Base9.1
β
CRSSelect profile
CVE-2025-64310
9.8π
EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authenticationMultiple Products
EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack.
CVSS Base9.8
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2025-13156
8.8π
WordPressMultiple Products
The Vitepos β Point of Sale (POS) for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the insert_media_attachment() function in all versions up to, and including, 3
CVSS Base8.8
β
CRSSelect profile
CVE-2025-11985
8.8π
WordPressMultiple Products
The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'rp_save_property_settings' function in versions 0
CVSS Base8.8
β
CRSSelect profile
CVE-2025-13138
7.5π
WordPressMultiple Products
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columns_search' parameter of the select_2_ajax() function in all versions up to, and including, 1
CVSS Base7.5
β
CRSSelect profile
CVE-2025-12138
8.8π
WordPressMultiple Products
The URL Image Importer plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1
CVSS Base8.8
β
CRSSelect profile
CVE-2025-11087
8.8π
WordPressMultiple Products
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2
CVSS Base8.8
β
CRSSelect profile
CVE-2025-62207
8.6π
AzureMultiple Products
Azure Monitor Elevation of Privilege Vulnerability
CVSS Base8.6
β
CRSSelect profile
CVE-2025-62459
8.3π
MicrosoftMultiple Products
Microsoft Defender Portal Spoofing Vulnerability
CVSS Base8.3
β
CRSSelect profile
CVE-2025-13322
8.1π
WordPressMultiple Products
The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in all versions up to, and including, 2
CVSS Base8.1
β
CRSSelect profile
CVE-2025-64695
7.8π
UncontrolledMultiple Products
Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows)
CVSS Base7.8
β
CRSSelect profile
CVE-2025-63889
7.5π
fetchMultiple Products
The fetch function in file thinkphp\library\think\Template
CVSS Base7.5
β
CRSSelect profile
CVE-2025-12135
7.2π
WordPressMultiple Products
The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'css_code' parameter in all versions up to, and including, 1
CVSS Base7.2
β
CRSSelect profile
CVE-2025-12160
7.2π
WordPressMultiple Products
The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpr_admin_msg' parameter in all versions up to, and including, 6
CVSS Base7.2
β
CRSSelect profile
CVE-2025-12973
7.2π
WordPressMultiple Products
The S2B AI Assistant β ChatBot, ChatGPT, OpenAI, Content & Image Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the storeFile() function in all versions up to, and including, 1
CVSS Base7.2
β
CRSSelect profile
CVE-2025-13159
7.1π
WordPressMultiple Products
The Flo Forms β Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 1
CVSS Base7.1
β
CRSSelect profile
CVE-2025-40601
7.5π
SonicOS SSLVPNMultiple Products
A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash
CVSS Base7.5
β
CRSSelect profile
CVE-2025-13357
7.4
UnknownMultiple Products
Vaultβs Terraform Provider incorrectly set the default deny_null_bind parameter for the LDAP auth method to false by default, potentially resulting in an insecure configuration
CVSS Base7.4
β
CRSSelect profile
CVE-2025-13445
8.8
flawMultiple Products
A flaw has been found in Tenda AC21 16
CVSS Base8.8
β
CRSSelect profile
CVE-2025-13446
8.8
hasMultiple Products
A vulnerability has been found in Tenda AC21 16
CVSS Base8.8
β
CRSSelect profile
CVE-2025-48986
8.8
ReviveMultiple Products
Authorization bypass in Revive Adserver 5
CVSS Base8.8
β
CRSSelect profile
CVE-2025-36072
8.8
IBMMultiple Products
IBM webMethods Integration 10
CVSS Base8.8
β
CRSSelect profile
CVE-2025-64655
8.8
ImproperMultiple Products
Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network
CVSS Base8.8
β
CRSSelect profile
CVE-2025-62164
8.8
servingMultiple Products
vLLM is an inference and serving engine for large language models (LLMs)
CVSS Base8.8
β
CRSSelect profile
CVE-2025-52668
8.7
ImproperMultiple Products
Improper input neutralization in the stats-conversions
CVSS Base8.7
β
CRSSelect profile
CVE-2025-66055
7.2
Icegram EmailMultiple Products
Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email-subscribers allows Object Injection
CVSS Base7.2
β
CRSSelect profile
CVE-2025-65946
8.1
RooMultiple Products
Roo Code is an AI-powered autonomous coding agent that lives in users' editors
CVSS Base8.1
β
CRSSelect profile
CVE-2025-13499
7.8
KafkaMultiple Products
Kafka dissector crash in Wireshark 4
CVSS Base7.8
β
CRSSelect profile
CVE-2025-30201
7.7
WazuhMultiple Products
Wazuh is a free and open source platform used for threat prevention, detection, and response
CVSS Base7.7
β
CRSSelect profile
CVE-2025-41074
7.5
LimeSurveyMultiple Products
Vulnerability in LimeSurvey 6
CVSS Base7.5
β
CRSSelect profile
CVE-2025-41075
7.5
LimeSurveyMultiple Products
Vulnerability in LimeSurvey 6
CVSS Base7.5
β
CRSSelect profile
CVE-2025-63700
7.5
issueMultiple Products
An issue was discovered in Clerk-js 5
CVSS Base7.5
β
CRSSelect profile
CVE-2025-25613
7.5
IncMultiple Products
FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless
CVSS Base7.5
β
CRSSelect profile
CVE-2025-61138
7.5
QlikMultiple Products
Qlik Sense Enterprise v14
CVSS Base7.5
β
CRSSelect profile
CVE-2025-13470
7.5
RNPMultiple Products
In RNP version 0
CVSS Base7.5
β
CRSSelect profile
CVE-2025-13132
7.4
ThisMultiple Products
This vulnerability allowed a site to enter fullscreen, after a user click, without a full-screen notification (toast) appearing
CVSS Base7.4
β
CRSSelect profile
CVE-2025-13442
7.3
securityMultiple Products
A security vulnerability has been detected in UTT θΏε 750W up to 3
CVSS Base7.3
β
CRSSelect profile
CVE-2025-13449
7.3
ShopMultiple Products
A vulnerability was found in code-projects Online Shop Project 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-13451
7.3
ShopMultiple Products
A vulnerability was identified in SourceCodester Online Shop Project 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-12120
7.3
LiteMultiple Products
Lite XL versions 2
CVSS Base7.3
β
CRSSelect profile
CVE-2025-12121
7.3
LiteMultiple Products
Lite XL versions 2
CVSS Base7.3
β
CRSSelect profile
CVE-2025-13485
7.3
ManagementMultiple Products
A security flaw has been discovered in itsourcecode Online File Management System 1
CVSS Base7.3
β
CRSSelect profile
CVE-2025-0643
7.2
Narkom CommunicationMultiple Products
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Narkom Communication and Software Technologies Trade Ltd
CVSS Base7.2
β
CRSSelect profile
CVE-2025-0645
7.2
Narkom CommunicationMultiple Products
Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd
CVSS Base7.2
β
CRSSelect profile
CVE-2025-52670
7.1
ReviveMultiple Products
Missing authorization check in Revive Adserver 5
CVSS Base7.1
β
CRSSelect profile
CVE-2025-13433
7
GroupMultiple Products
A security flaw has been discovered in Muse Group MuseHub 2