Latest Critical CVEs

• CVE-2025-14388 - PhastPress trary File Read via Null Byte Injection

  CVE ID :CVE-2025-14388
  Published : Dec. 23, 2025, 10:15 a.m. | 1 hour, 15 minutes ago
  Description :The PhastPress plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read via null byte injection in all versions up to, and including, 3.7. This is due to a discrepancy between the extension validation in `getExtensionForURL()` which operates on URL-decoded paths, and `appendNormalized()` which strips everything after a null byte before constructing the filesystem path. This makes it possible for unauthenticated attackers to read arbitrary files from the webroot, including wp-config.php, by appending a double URL-encoded null byte (%2500) followed by an allowed extension (.txt) to the file path.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-12934 - Beaver Builder – WordPress Page Builder ber+) Arbitrary Post Update

  CVE ID :CVE-2025-12934
  Published : Dec. 23, 2025, 10:15 a.m. | 1 hour, 15 minutes ago
  Description :The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicate_wpml_layout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary posts with the content of other existing posts, potentially exposing private and password-protected content and deleting any content that is not saved in revisions or backups. Posts must have been created with Beaver Builder to be copied or updated.
  Severity: 8.1 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-68615 - Net-SNMP snmptrapd crash

  CVE ID :CVE-2025-68615
  Published : Dec. 23, 2025, 12:15 a.m. | 11 hours, 15 minutes ago
  Description :net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-68476 - KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential

  CVE ID :CVE-2025-68476
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The vulnerability stems from an incorrect or insufficient path validation when loading the Service Account Token specified in spec.hashiCorpVault.credential.serviceAccount. An attacker with permissions to create or modify a TriggerAuthentication resource can exfiltrate the content of any file from the node's filesystem (where the KEDA pod resides) by directing the file's content to a server under their control, as part of the Vault authentication request. The potential impact includes the exfiltration of sensitive system information, such as secrets, keys, or the content of files like /etc/passwd. This issue has been patched in versions 2.17.3 and 2.18.3.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-65856 - Xiongmai XM530 IP Camera Authentication Bypass

  CVE ID :CVE-2025-65856
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical endpoints, enabling direct unauthorized video stream access.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-34458 - wb2osz/direwolf

  CVE ID :CVE-2025-34458
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or truncated comment field, the application triggers an unhandled assertion checking for a non-empty comment. This assertion failure causes immediate process termination, allowing a remote, unauthenticated attacker to cause a denial of service by sending malformed APRS traffic.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-34457 - wb2osz/direwolf DoS

  CVE ID :CVE-2025-34457
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kiss_rec_byte() located in src/kiss_frame.c. When processing crafted KISS frames that reach the maximum allowed frame length (MAX_KISS_LEN), the function appends a terminating FEND byte without reserving sufficient space in the stack buffer. This results in an out-of-bounds write followed by an out-of-bounds read during the subsequent call to kiss_unwrap(), leading to stack memory corruption or application crashes. This vulnerability may allow remote unauthenticated attackers to trigger a denial-of-service condition.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53981 - PhotoShow 3.0 Remote Code Execution via Exiftran Path Injection

  CVE ID :CVE-2023-53981
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a crafted video upload process.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53980 - ProjectSend r1605 Remote Code Execution via File Extension Manipulation

  CVE ID :CVE-2023-53980
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :ProjectSend r1605 contains a remote code execution vulnerability that allows attackers to upload malicious files by manipulating file extensions. Attackers can upload shell scripts with disguised extensions through the upload.process.php endpoint to execute arbitrary commands on the server.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53979 - MyBB 1.8.32 Authenticated Remote Code Execution via Chained Vulnerabilities

  CVE ID :CVE-2023-53979
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration editing interface.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53975 - Atom CMS 2.0 Unauthenticated SQL Injection via Admin Index Page

  CVE ID :CVE-2023-53975
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53973 - Zillya Total Security 3.0.2367.0 Local Privilege Escalation via Quarantine Module

  CVE ID :CVE-2023-53973
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories, potentially enabling system-level access through techniques like DLL hijacking.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53972 - WebTareas 2.4 Unauthenticated SQL Injection via Session Cookie Parameter

  CVE ID :CVE-2023-53972
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :WebTareas 2.4 contains a SQL injection vulnerability in the webTareasSID cookie parameter that allows unauthenticated attackers to manipulate database queries. Attackers can exploit error-based and time-based blind SQL injection techniques to extract database information and potentially access sensitive system data.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53971 - WebTareas 2.4 Authenticated Remote Code Execution via File Upload

  CVE ID :CVE-2023-53971
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :WebTareas 2.4 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the chat photo upload functionality. Attackers can upload a PHP file with arbitrary code to the /files/Messages/ directory and execute it directly through the generated file path.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53968 - Screen SFT DAB 600/C Firmware 1.9.3 Authentication Bypass Erase Account

  CVE ID :CVE-2023-53968
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting IP address session binding. Attackers can reuse the same IP address and issue unauthorized requests to the userManager API to remove user accounts without proper authentication.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53966 - SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

  CVE ID :CVE-2023-53966
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53965 - SOUND4 Server Service 4.1.102 Local Privilege Escalation via Unquoted Service Path

  CVE ID :CVE-2023-53965
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53963 - SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Remote Command Injection

  CVE ID :CVE-2023-53963
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands through the 'password' parameter. Attackers can exploit the login.php and index.php scripts by injecting shell commands via the 'password' POST parameter to execute commands with web server privileges.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53960 - SOUND4 IMPACT/FIRST/PULSE/Eco v2.x SQL Injection via Authentication Bypass

  CVE ID :CVE-2023-53960
  Published : Dec. 22, 2025, 10:16 p.m. | 13 hours, 15 minutes ago
  Description :SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x contains an SQL injection vulnerability in the 'index.php' authentication mechanism that allows attackers to manipulate login credentials. Attackers can inject malicious SQL code through the 'password' POST parameter to bypass authentication and potentially gain unauthorized access to the system.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2023-53955 - SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Authorization Bypass via Insecure Object References

  CVE ID :CVE-2023-53955
  Published : Dec. 22, 2025, 10:15 p.m. | 13 hours, 15 minutes ago
  Description :SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access hidden system resources. Attackers can exploit the vulnerability by manipulating user-supplied input to execute privileged functionalities without proper authentication.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...