Latest Critical CVEs

• CVE-2025-13619 - Flex Store Users e Escalation

  CVE ID :CVE-2025-13619
  Published : Dec. 20, 2025, 7:15 a.m. | 12 hours, 49 minutes ago
  Description :The Flex Store Users plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.0. This is due to the 'fsUserHandle::signup' and the 'fsSellerRole::add_role_seller' functions not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site. Note: The vulnerability can be exploited with the 'fs_type' parameter if the Flex Store Seller plugin is also activated.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-13329 - File Uploader for WooCommerce via add-image-data

  CVE ID :CVE-2025-13329
  Published : Dec. 20, 2025, 4:16 a.m. | 15 hours, 49 minutes ago
  Description :The File Uploader for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the callback function for the 'add-image-data' REST API endpoint in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to upload arbitrary files to the Uploadcare service and subsequently download them on the affected site's server which may make remote code execution possible.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14300 - Unauthenticated Access to connectAP API Endpoint on Tapo C200

  CVE ID :CVE-2025-14300
  Published : Dec. 20, 2025, 1:16 a.m. | 18 hours, 49 minutes ago
  Description :The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An unauthenticated attacker on the same local network segment can exploit this to modify the device’s Wi-Fi configuration, resulting in loss of connectivity and denial-of-service (DoS).
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-68613 - n8n Vulnerable to Remote Code Execution via Expression Injection

  CVE ID :CVE-2025-68613
  Published : Dec. 19, 2025, 11:15 p.m. | 20 hours, 49 minutes ago
  Description :n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.
  Severity: 9.9 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53959 - FileZilla Client 3.63.1 DLL Hijacking via Missing TextShaping.dll

  CVE ID :CVE-2023-53959
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve remote code execution when the application launches.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53958 - LDAP Tool Box Self Service Password 1.5.2 Account Takeover via HTTP Host Header

  CVE ID :CVE-2023-53958
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens.
  Severity: 8.6 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53957 - Kimai 1.30.10 SameSite Cookie Vulnerability Session Hijacking

  CVE ID :CVE-2023-53957
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session hijacking.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53956 - Flatnux 2021-03.25 Authenticated File Upload Remote Code Execution

  CVE ID :CVE-2023-53956
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upload malicious PHP scripts to the web root directory, enabling remote code execution on the server.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53954 - ActFax 10.10 Unquoted Path Services Privilege Escalation Vulnerability

  CVE ID :CVE-2023-53954
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to gain elevated system access when the service restarts.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53952 - Dotclear 2.25.3 Authenticated Remote Code Execution via File Upload

  CVE ID :CVE-2023-53952
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :Dotclear 2.25.3 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension through the blog post creation interface. Attackers can upload files containing PHP system commands that execute when the uploaded file is accessed, enabling arbitrary code execution on the server.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53951 - Ever Gauzy v0.281.9 JWT Authentication Weakness via HMAC Secret

  CVE ID :CVE-2023-53951
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53950 - InnovaStudio WYSIWYG Editor 5.4 Unrestricted File Upload via Filename Manipulation

  CVE ID :CVE-2023-53950
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :InnovaStudio WYSIWYG Editor 5.4 contains an unrestricted file upload vulnerability that allows attackers to bypass file extension restrictions through filename manipulation. Attackers can upload malicious ASP shells by using null byte techniques and alternate file extensions to circumvent upload controls in the asset manager.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53949 - AspEmail 5.6.0.2 Local Privilege Escalation via Binary Permission Vulnerability

  CVE ID :CVE-2023-53949
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53948 - Lilac-Reloaded for Nagios 2.0.8 Remote Code Execution via Autodiscovery

  CVE ID :CVE-2023-53948
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmap_binary parameter to execute a reverse shell by sending a crafted POST request to the autodiscovery endpoint.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53947 - OCS Inventory NG 2.3.0.0 Unquoted Service Path Privilege Escalation

  CVE ID :CVE-2023-53947
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53946 - Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path Privilege Escalation

  CVE ID :CVE-2023-53946
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level permissions.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53945 - BrainyCP 1.0 Remote Code Execution via Authenticated Crontab Manipulation

  CVE ID :CVE-2023-53945
  Published : Dec. 19, 2025, 9:15 p.m. | 22 hours, 49 minutes ago
  Description :BrainyCP 1.0 contains an authenticated remote code execution vulnerability that allows logged-in users to inject arbitrary commands through the crontab configuration interface. Attackers can exploit the crontab endpoint by adding a malicious command that spawns a reverse shell to a specified IP and port.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14964 - TOTOLINK T10 cstecgi.cgi sprintf stack-based overflow

  CVE ID :CVE-2025-14964
  Published : Dec. 19, 2025, 7:15 p.m. | 1 day ago
  Description :A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affects the function sprintf of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument loginAuthUrl leads to stack-based buffer overflow. The attack may be performed from remote.
  Severity: 10.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66580 - Dive has Cross-Site Scripting vulnerability that can escalate to Remote Code Execution

  CVE ID :CVE-2025-66580
  Published : Dec. 19, 2025, 5:15 p.m. | 1 day, 2 hours ago
  Description :Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. A critical Stored Cross-Site Scripting (XSS) vulnerability exists in versions prior to 0.11.1 in the Mermaid diagram rendering component. The application allows the execution of arbitrary JavaScript via `javascript:`. An attacker can exploit this to inject a malicious Model Context Protocol (MCP) server configuration, leading to Remote Code Execution (RCE) on the victim's machine when the node is clicked. Version 0.11.1 fixes the issue.
  Severity: 9.6 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-63665 - GT Edge AI Platform Code Injection Vulnerability

  CVE ID :CVE-2025-63665
  Published : Dec. 19, 2025, 5:15 p.m. | 1 day, 2 hours ago
  Description :An issue in GT Edge AI Platform Versions before v2.0.10-dev allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...