Latest Critical CVEs

• CVE-2025-48626 - Cisco Application Remote Privilege Escalation

  CVE ID :CVE-2025-48626
  Published : Dec. 8, 2025, 5:16 p.m. | 2 hours, 5 minutes ago
  Description :In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-42620 - CSRF vulnerability in CIRCL Vulnerability-Lookup

  CVE ID :CVE-2025-42620
  Published : Dec. 8, 2025, 1:15 p.m. | 6 hours, 6 minutes ago
  Description :In affected versions, vulnerability-lookup handled user-controlled content in comments and bundles in an unsafe way, which could lead to stored Cross-Site Scripting (XSS). On the backend, the related_vulnerabilities field of bundles accepted arbitrary strings without format validation or proper sanitization. On the frontend, comment and bundle descriptions were converted from Markdown to HTML and then injected directly into the DOM using string templates and innerHTML. This combination allowed an attacker who could create or edit comments or bundles to store crafted HTML/JavaScript payloads which would later be rendered and executed in the browser of any user visiting the affected profile page (user.html).  This issue affects Vulnerability-Lookup: before 2.18.0.
  Severity: 8.3 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-42615 - Improper Restriction of Excessive Authentication Attempts vulnerability in CIRCL Vulnerability-Lookup

  CVE ID :CVE-2025-42615
  Published : Dec. 8, 2025, 12:16 p.m. | 7 hours, 6 minutes ago
  Description :In affected versions, vulnerability-lookup did not track or limit failed One-Time Password (OTP) attempts during Two-Factor Authentication (2FA) verification. An attacker who already knew or guessed a valid username and password could submit an arbitrary number of OTP codes without causing the account to be locked or generating any specific alert for administrators. This lack of rate-limiting and lockout on OTP failures significantly lowers the cost of online brute-force attacks against 2FA codes and increases the risk of successful account takeover, especially if OTP entropy is reduced (e.g. short numeric codes, user reuse, or predictable tokens). Additionally, administrators had no direct visibility into accounts experiencing repeated 2FA failures, making targeted attacks harder to detect and investigate. The patch introduces a persistent failed_otp_attempts counter on user accounts, locks the user after 5 invalid OTP submissions, resets the counter on successful verification, and surfaces failed 2FA attempts in the admin user list. This enforces an account lockout policy for OTP brute-force attempts and improves monitoring capabilities for suspicious 2FA activity.This issue affects Vulnerability-Lookup: before 2.18.0.
  Severity: 8.1 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66461 - GS Yuasa International Ltd. FULLBACK Manager Pro Unquoted Service Path

  CVE ID :CVE-2025-66461
  Published : Dec. 8, 2025, 10:16 a.m. | 9 hours, 6 minutes ago
  Description :FULLBACK Manager Pro provided by GS Yuasa International Ltd. registers two Windows services with unquoted file paths. A user may execute arbitrary code with SYSTEM privilege if he/she has the write permission on the path to the directory where the affected product is installed.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-27020 - Improper configuration of SSH service in Infinera MTC-9

  CVE ID :CVE-2025-27020
  Published : Dec. 8, 2025, 10:16 a.m. | 9 hours, 6 minutes ago
  Description :Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-27019 - Remote shell service (RSH) in Infinera MTC-9

  CVE ID :CVE-2025-27019
  Published : Dec. 8, 2025, 10:16 a.m. | 9 hours, 6 minutes ago
  Description :Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66328 - Cisco Network Management Module Race Condition Vulnerability

  CVE ID :CVE-2025-66328
  Published : Dec. 8, 2025, 9:15 a.m. | 10 hours, 6 minutes ago
  Description :Multi-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect availability.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-26487 - Server Side Request Forgery (SSRF) in the web server of Infinera MTC-9

  CVE ID :CVE-2025-26487
  Published : Dec. 8, 2025, 9:15 a.m. | 10 hours, 6 minutes ago
  Description :Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows remote unauthenticated users to gain access to other network resources using HTTPS requests through the appliance used as a bridge.
  Severity: 8.6 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-12956 - Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x

  CVE ID :CVE-2025-12956
  Published : Dec. 8, 2025, 9:15 a.m. | 10 hours, 6 minutes ago
  Description :A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66324 - Apache App Data Integrity Verification Flaw

  CVE ID :CVE-2025-66324
  Published : Dec. 8, 2025, 8:15 a.m. | 11 hours, 6 minutes ago
  Description :Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14196 - H3C Magic B1 aspForm sub_44de0 buffer overflow

  CVE ID :CVE-2025-14196
  Published : Dec. 7, 2025, 4:15 p.m. | 1 day, 3 hours ago
  Description :A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub_44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14191 - UTT 进取 512W formP2PLimitConfig strcpy buffer overflow

  CVE ID :CVE-2025-14191
  Published : Dec. 7, 2025, 1:15 p.m. | 1 day, 6 hours ago
  Description :A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formP2PLimitConfig. Such manipulation of the argument except leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14188 - UGREEN DH2100+ nas_svr create handler_file_backup_create command injection

  CVE ID :CVE-2025-14188
  Published : Dec. 7, 2025, 11:15 a.m. | 1 day, 8 hours ago
  Description :A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 8.3 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14187 - UGREEN DH2100+ nas_svr create handler_file_backup_create buffer overflow

  CVE ID :CVE-2025-14187
  Published : Dec. 7, 2025, 9:15 a.m. | 1 day, 10 hours ago
  Description :A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. Executing manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 8.3 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14141 - UTT 进取 520W formArpBindConfig strcpy buffer overflow

  CVE ID :CVE-2025-14141
  Published : Dec. 6, 2025, 4:15 p.m. | 2 days, 3 hours ago
  Description :A flaw has been found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formArpBindConfig. Executing manipulation of the argument pools can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14136 - Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow

  CVE ID :CVE-2025-14136
  Published : Dec. 6, 2025, 1:15 p.m. | 2 days, 6 hours ago
  Description :A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2Repeater_get_wired_clientlist_setClientsName of the file mod_form.so. The manipulation of the argument clientsname_0 results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14135 - Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wired_clientlist_setClientsName stack-based overflow

  CVE ID :CVE-2025-14135
  Published : Dec. 6, 2025, 12:15 p.m. | 2 days, 7 hours ago
  Description :A vulnerability was identified in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function AP_get_wired_clientlist_setClientsName of the file mod_form.so. The manipulation of the argument clientsname_0 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14134 - Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow

  CVE ID :CVE-2025-14134
  Published : Dec. 6, 2025, 11:15 a.m. | 2 days, 8 hours ago
  Description :A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RE2000v2Repeater_get_wireless_clientlist_setClientsName of the file mod_form.so. Executing manipulation of the argument clientsname_0 can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14133 - Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wireless_clientlist_setClientsName stack-based overflow

  CVE ID :CVE-2025-14133
  Published : Dec. 6, 2025, 11:15 a.m. | 2 days, 8 hours ago
  Description :A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function AP_get_wireless_clientlist_setClientsName of the file mod_form.so. Performing manipulation of the argument clientsname_0 results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14126 - TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials

  CVE ID :CVE-2025-14126
  Published : Dec. 6, 2025, 10:16 a.m. | 2 days, 9 hours ago
  Description :A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...