Critical vulnerabilities, curated daily for security professionals
đ¯ SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
đ
Archived Security Brief
Wednesday's vulnerability landscape shows increased disclosure activity with eighteen critical vulnerabilities (CVSS 9.0+) and 189 high-priority CVEs requiring assessment. The critical CVE count increased by five issues from Tuesday, while high-priority disclosures increased by 89 vulnerabilities. Ten actively exploited vulnerabilities require priority remediation. The overall critical CVE frequency shows a 54% increase compared to historical averages, marking elevated mid-week disclosure activity with limited patch availability at 9%.
Eighteen critical vulnerabilities (CVSS 9.0+), representing a 38% increase from Tuesday's thirteen critical issues
189 high-priority vulnerabilities (CVSS 7.0-8.9), an 89% increase from Tuesday's 100 issues
Ten actively exploited vulnerabilities requiring priority remediation across enterprise and critical infrastructure environments
Critical CVE frequency increased 54% compared to historical average, indicating elevated mid-week disclosure activity
Limited patch availability at 9%, requiring organizations to focus on compensating controls and risk mitigation strategies
Immediate action: Security teams should prioritize assessment of the five newly disclosed critical vulnerabilities and review the 189 high-priority CVEs for applicability to their environments. Organizations should expedite remediation of the ten actively exploited vulnerabilities. Given the limited 9% patch availability, teams should implement compensating controls and network segmentation where patches are not yet available.
đĄ Tip: Swipe CVE cards left to â star, right to â remove
Section Navigation
â ī¸
CISA Known Exploited Vulnerabilities
â ī¸ CISA KEVURGENT
CVE-2025-55182
9.5đ
MetaReact Server Components
â° Federal Deadline:December 11, 2025(2 days remaining)
Meta React Server Components Remote Code Execution Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2025-61757
9.5đ
OracleFusion Middleware
â° Federal Deadline:December 11, 2025(2 days remaining)
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2021-26829
9.5
OpenPLCScadaBR
â° Federal Deadline:December 18, 2025(9 days remaining)
OpenPLC ScadaBR Cross-site Scripting Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-48633
9.5đ
AndroidFramework
â° Federal Deadline:December 22, 2025(13 days remaining)
Android Framework Information Disclosure Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2021-26828
9.5
OpenPLCScadaBR
â° Federal Deadline:December 23, 2025(14 days remaining)
OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2022-37055
9.5
D-LinkRouters
â° Federal Deadline:December 28, 2025(19 days remaining)
D-Link Routers Buffer Overflow Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-66644
9.5
Array Networks ArrayOS AG
â° Federal Deadline:December 28, 2025(19 days remaining)
Array Networks ArrayOS AG OS Command Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-6218
9.5
RARLABWinRAR
â° Federal Deadline:December 29, 2025(20 days remaining)
RARLAB WinRAR Path Traversal Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
đ¨
Critical Vulnerabilities
CVE-2025-59718
9.8đ
A improper verification of cryptographic signature vulnerability in Fortinet FortiOSMultiple Products
A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-10573
9.6đ
Stored XSS in Ivanti Endpoint Manager prior to versionMultiple Products
Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the context of an administrator session. User interaction is required.
CVSS Base9.6
â
CRSSelect profile
CVE-2025-67504
9.1đ
WBCE CMS is a content managementMultiple Products
WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP's rand(). rand() is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege escalation if these passwords are used for new accounts or password resets. The vulnerability is fixed in version 1.6.5.
CVSS Base9.1
â
CRSSelect profile
CVE-2025-59719
9.8đ
An improper verification of cryptographic signature vulnerability in Fortinet FortiWebMultiple Products
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-67489
9.8đ
UnknownMultiple Products
@vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Versions 0.5.5 and below are vulnerable to arbitrary remote code execution on the development server through unsafe dynamic imports in server function APIs (loadServerAction, decodeReply, decodeAction) when integrated into RSC applications that expose server function endpoints. Attackers with network access to the development server can read/modify files, exfiltrate sensitive data (source code, environment variables, credentials), or pivot to other internal services. While this affects development servers only, the risk increases when using vite --host to expose the server on all network interfaces. This issue is fixed in version 0.5.6.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-66481
9.6đ
DeepChat is anMultiple Products
DeepChat is an open-source AI chat platform that supports cloud models and LLMs. Versions 0.5.1 and below are vulnerable to XSS attacks through improperly sanitized Mermaid content. The recent security patch for MermaidArtifact.vue is insufficient and can be bypassed using unquoted HTML attributes combined with HTML entity encoding. Remote Code Execution is possible on the victim's machine via the electron.ipcRenderer interface, bypassing the regex filter intended to strip dangerous attributes. There is no fix at time of publication.
CVSS Base9.6
â
CRSSelect profile
CVE-2025-42928
9.1đ
Under certainMultiple Products
Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and availability of the system.
CVSS Base9.1
â
CRSSelect profile
CVE-2025-42880
9.9đ
Due to missing inputMultiple Products
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availability of the system.
CVSS Base9.9
â
CRSSelect profile
CVE-2025-12504
9.8đ
Improper Neutralization of Special Elements used in an SQL CommandMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TalentSoft Software UNIS allows SQL Injection.This issue affects UNIS: before 42321.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-11022
9.6đ
UnknownMultiple Products
Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site Request Forgery.Â
This
CSRF vulnerability resulting in Command Injection has been identified.
This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny ownership of the mentioned product.
CVSS Base9.6
â
CRSSelect profile
CVE-2025-67494
9.3đ
ZITADEL is anMultiple Products
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
CVSS Base9.3
â
CRSSelect profile
CVE-2025-61808
9.1đ
ColdFusion versionsMultiple Products
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could lead to arbitrary code execution by a high priviledged attacker. Exploitation of this issue does not require user interaction and scope is changed.
CVSS Base9.1
â
CRSSelect profile
CVE-2025-61809
9.1đ
ColdFusion versionsMultiple Products
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue does not require user interaction and scope is unchanged.
CVSS Base9.1
â
CRSSelect profile
â ī¸
High Priority Updates
â ī¸ CISA KEV
CVE-2025-62221
7.8đ
UseMultiple Products
â° Federal Deadline:December 29, 2025(20 days remaining)
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-48572
7.8đ
multipleMultiple Products
â° Federal Deadline:December 22, 2025(13 days remaining)
In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass
CVSS Base7.8
â
CRSSelect profile
CVE-2025-64678
8.8đ
UnknownMultiple Products
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-62549
8.8đ
UntrustedMultiple Products
Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-62456
8.8đ
UnknownMultiple Products
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-62472
7.8đ
ConnectionMultiple Products
Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62474
7.8đ
ConnectionMultiple Products
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62557
8.4đ
MicrosoftMultiple Products
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally
CVSS Base8.4
â
CRSSelect profile
CVE-2025-62454
7.8đ
UnknownMultiple Products
Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62458
7.8đ
UnknownMultiple Products
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62470
7.8đ
UnknownMultiple Products
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62553
7.8đ
MicrosoftMultiple Products
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62558
7.8đ
MicrosoftMultiple Products
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62559
7.8đ
MicrosoftMultiple Products
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62562
7.8đ
MicrosoftMultiple Products
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62563
7.8
MicrosoftMultiple Products
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62550
8.8
UnknownMultiple Products
Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-64672
8.8
MicrosoftMultiple Products
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network
CVSS Base8.8
â
CRSSelect profile
CVE-2025-62554
8.4
MicrosoftMultiple Products
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally
CVSS Base8.4
â
CRSSelect profile
CVE-2025-14333
8.1
FirefoxMultiple Products
Memory safety bugs present in Firefox ESR 140
CVSS Base8.1
â
CRSSelect profile
CVE-2025-54100
7.8
ImproperMultiple Products
Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-55233
7.8
UnknownMultiple Products
Out-of-bounds read in Windows Projected File System allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-59516
7.8
MissingMultiple Products
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-59517
7.8
ImproperMultiple Products
Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62455
7.8
ImproperMultiple Products
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62457
7.8
UnknownMultiple Products
Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62461
7.8
BufferMultiple Products
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62462
7.8
BufferMultiple Products
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62464
7.8
BufferMultiple Products
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62466
7.8
WindowsMultiple Products
Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62467
7.8
IntegerMultiple Products
Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62552
7.8
MicrosoftMultiple Products
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62556
7.8
MicrosoftMultiple Products
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62560
7.8
MicrosoftMultiple Products
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62561
7.8
MicrosoftMultiple Products
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62564
7.8
MicrosoftMultiple Products
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62571
7.8
ImproperMultiple Products
Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-64661
7.8
ConcurrentMultiple Products
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally
CVSS Base7.8
â
CRSSelect profile
CVE-2025-60024
8.8
FortinetMultiple Products
Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7
CVSS Base8.8
â
CRSSelect profile
CVE-2025-64447
8.1
FortinetMultiple Products
A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8
CVSS Base8.1
â
CRSSelect profile
CVE-2025-66626
8.1
KubernetesMultiple Products
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes
CVSS Base8.1
â
CRSSelect profile
CVE-2025-13659
8.8
EndpointMultiple Products
Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution
CVSS Base8.8
â
CRSSelect profile
CVE-2025-48536
7.8đ
In grantAllowlistedPackagePermissions ofMultiple Products
In grantAllowlistedPackagePermissions of SettingsSliceProvider
CVSS Base7.8
â
CRSSelect profile
CVE-2025-26487
8.6đ
UnknownMultiple Products
Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows
remote unauthenticated users to gain access to other network resources
using HTTPS requests through the appliance used as a bridge
CVSS Base8.6
â
CRSSelect profile
CVE-2025-42874
7.9
SAPMultiple Products
SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls
CVSS Base7.9
â
CRSSelect profile
CVE-2025-14323
8.8
PrivilegeMultiple Products
Privilege escalation in the DOM: Notifications component
CVSS Base8.8
â
CRSSelect profile
CVE-2025-14328
8.8
PrivilegeMultiple Products
Privilege escalation in the Netmonitor component
CVSS Base8.8
â
CRSSelect profile
CVE-2025-14329
8.8
PrivilegeMultiple Products
Privilege escalation in the Netmonitor component
CVSS Base8.8
â
CRSSelect profile
CVE-2025-33213
8.8
NVIDIAMultiple Products
NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue
CVSS Base8.8
â
CRSSelect profile
CVE-2025-33214
8.8
NVIDIAMultiple Products
NVIDIA NVTabular for Linux contains a vulnerability in the Workflow component, where a user could cause a deserialization issue
CVSS Base8.8
â
CRSSelect profile
CVE-2025-48588
7.8đ
startAlwaysOnVpnMultiple Products
In startAlwaysOnVpn of Vpn
CVSS Base7.8
â
CRSSelect profile
CVE-2025-13662
7.8
EndpointMultiple Products
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code
CVSS Base7.8
â
CRSSelect profile
CVE-2024-56835
8.8
hasMultiple Products
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2
CVSS Base8.8
â
CRSSelect profile
CVE-2025-12956
8.7
fromMultiple Products
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session
CVSS Base8.7
â
CRSSelect profile
CVE-2025-66324
8.4
compression andMultiple Products
Input verification vulnerability in the compression and decompression module
CVSS Base8.4
â
CRSSelect profile
CVE-2025-66328
8.4
networkMultiple Products
Multi-thread race condition vulnerability in the network management module
CVSS Base8.4
â
CRSSelect profile
CVE-2025-66627
8.4
WasmiMultiple Products
Wasmi is a WebAssembly interpreter focused on constrained and embedded systems
CVSS Base8.4
â
CRSSelect profile
CVE-2025-64671
8.4
ImproperMultiple Products
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally
CVSS Base8.4
â
CRSSelect profile
CVE-2025-61810
8.4
ColdFusionMultiple Products
ColdFusion versions 2025
CVSS Base8.4
â
CRSSelect profile
CVE-2025-61811
8.4
ColdFusionMultiple Products
ColdFusion versions 2025
CVSS Base8.4
â
CRSSelect profile
CVE-2025-61812
8.4
ColdFusionMultiple Products
ColdFusion versions 2025
CVSS Base8.4
â
CRSSelect profile
CVE-2025-40937
8.3
SIMATICMultiple Products
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4
CVSS Base8.3
â
CRSSelect profile
CVE-2025-42878
8.2
SAPMultiple Products
SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production
CVSS Base8.2
â
CRSSelect profile
CVE-2025-63057
8.2
Roxnor Wp UltimateMultiple Products
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS
CVSS Base8.2
â
CRSSelect profile
CVE-2025-61813
8.2
ColdFusionMultiple Products
ColdFusion versions 2025
CVSS Base8.2
â
CRSSelect profile
CVE-2025-40801
8.1
hasMultiple Products
A vulnerability has been identified in COMOS V10
CVSS Base8.1
â
CRSSelect profile
CVE-2025-40938
8.1
SIMATICMultiple Products
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4
CVSS Base8.1
â
CRSSelect profile
CVE-2025-14322
8
SandboxMultiple Products
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
CVSS Base8
â
CRSSelect profile
CVE-2025-67495
8
ZITADELMultiple Products
ZITADEL is an open-source identity infrastructure tool
CVSS Base8
â
CRSSelect profile
CVE-2025-22420
7.8
multipleMultiple Products
In multiple locations, there is a possible way to leak audio files across user profiles due to a confused deputy
CVSS Base7.8
â
CRSSelect profile
CVE-2025-32328
7.8
multipleMultiple Products
In multiple functions of Session
CVSS Base7.8
â
CRSSelect profile
CVE-2025-32329
7.8
multipleMultiple Products
In multiple functions of Session
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48525
7.8
disassociateMultiple Products
In disassociate of DisassociationProcessor
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48555
7.8
multipleMultiple Products
In multiple functions of NotificationStation
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48565
7.8
multipleMultiple Products
In multiple locations, there is a possible way to bypass the cross profile intent filter due to a logic error in the code
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48566
7.8
multipleMultiple Products
In multiple locations, there is a possible bypass of user profile boundary with a forwarded intent due to improper input validation
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48573
7.8
sendCommandMultiple Products
In sendCommand of MediaSessionRecord
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48575
7.8
multipleMultiple Products
In multiple functions of CertInstaller
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48580
7.8
connectInternalMultiple Products
In connectInternal of MediaBrowser
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48583
7.8
multipleMultiple Products
In multiple functions of BaseBundle
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48586
7.8
onActivityResultMultiple Products
In onActivityResult of EditFdnContactScreen
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48589
7.8
multipleMultiple Products
In multiple functions of HeaderPrivacyIconsController
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48596
7.8
appendFromMultiple Products
In appendFrom of Parcel
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48597
7.8
multipleMultiple Products
In multiple locations, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48599
7.8
multipleMultiple Products
In multiple functions of WifiScanModeActivity
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48612
7.8
multipleMultiple Products
In multiple locations, there is a possible way for an application on a work profile to set the main user's default NFC payment setting due to improper input validation
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48615
7.8
getComponentNameMultiple Products
In getComponentName of MediaButtonReceiverHolder
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48620
7.8
In onSomePackagesChanged ofMultiple Products
In onSomePackagesChanged of VoiceInteractionManagerService
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48623
7.8
InMultiple Products
In init_pkvm_hyp_vcpu of pkvm
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48624
7.8
multipleMultiple Products
In multiple functions of arm-smmu-v3
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48627
7.8
In startNextMatchingActivity ofMultiple Products
In startNextMatchingActivity of ActivityTaskManagerService
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48628
7.8
In validateIconUserBoundary ofMultiple Products
In validateIconUserBoundary of PrintManagerService
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48629
7.8
findAvailRecognizerMultiple Products
In findAvailRecognizer of VoiceInteractionManagerService
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48632
7.8
setDisplayNameMultiple Products
In setDisplayName of AssociationRequest
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48637
7.8
multipleMultiple Products
In multiple functions of mem_protect
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48638
7.8
InMultiple Products
In __pkvm_load_tracing of trace
CVSS Base7.8
â
CRSSelect profile
CVE-2025-48606
7.8
preparePackageMultiple Products
In preparePackage of InstallPackageHelper
CVSS Base7.8
â
CRSSelect profile
CVE-2025-66533
7.8
StellarWP GiveWP giveMultiple Products
Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give allows Code Injection
CVSS Base7.8
â
CRSSelect profile
CVE-2025-62572
7.8
UnknownMultiple Products
Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally