Latest Critical CVEs

• CVE-2025-12529 - Cost Calculator Builder Deletion

  CVE ID :CVE-2025-12529
  Published : Dec. 2, 2025, 3:16 a.m. | 2 hours, 13 minutes ago
  Description :The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() function in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to inject arbitrary file paths into the orders that are removed, when an administrator deletes them. This can lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability requires the Cost Calculator Builder Pro version to be installed along with the free version in order to be exploitable.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2024-45675 - IBM Informix Dynamic Server Authentication Bypass

  CVE ID :CVE-2024-45675
  Published : Dec. 2, 2025, 3:16 a.m. | 2 hours, 13 minutes ago
  Description :IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66412 - Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

  CVE ID :CVE-2025-66412
  Published : Dec. 1, 2025, 11:15 p.m. | 6 hours, 13 minutes ago
  Description :Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66410 - Gin-vue-admin has an arbitrary file deletion vulnerability

  CVE ID :CVE-2025-66410
  Published : Dec. 1, 2025, 11:15 p.m. | 6 hours, 13 minutes ago
  Description :Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66401 - MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL

  CVE ID :CVE-2025-66401
  Published : Dec. 1, 2025, 11:15 p.m. | 6 hours, 13 minutes ago
  Description :MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66301 - Grav ihas Broken Access Control which allows an Editor to modify the page's YAML Frontmatter to alter form processing actions

  CVE ID :CVE-2025-66301
  Published : Dec. 1, 2025, 10:15 p.m. | 7 hours, 13 minutes ago
  Description :Grav is a file-based Web platform. Prior to 1.8.0-beta.27, due to improper authorization checks when modifying critical fields on a POST request to /admin/pages/{page_name}, an editor with only permissions to change basic content on the form is now able to change the functioning of the form through modifying the content of the data[_json][header][form] which is the YAML frontmatter which includes the process section which dictates what happens after a user submits the form which include some important actions that could lead to further vulnerabilities. This vulnerability is fixed in 1.8.0-beta.27.
  Severity: 8.6 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66300 - Grav is vulnerable to Arbitrary File Read

  CVE ID :CVE-2025-66300
  Published : Dec. 1, 2025, 10:15 p.m. | 7 hours, 13 minutes ago
  Description :Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A low privilege user account with page editing privilege can read any server files using "Frontmatter" form. This includes Grav user account files (/grav/user/accounts/*.yaml), which store hashed user password, 2FA secret, and the password reset token. This can allow an adversary to compromise any registered account by resetting a password for a user to get access to the password reset token from the file or by cracking the hashed password. This vulnerability is fixed in 1.8.0-beta.27.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66299 - Security Sandbox Bypass with SSTI (Server Side Template Injection) in the Grav CMS

  CVE ID :CVE-2025-66299
  Published : Dec. 1, 2025, 10:15 p.m. | 7 hours, 13 minutes ago
  Description :Grav is a file-based Web platform. Prior to 1.8.0-beta.27, Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassing the existing security sandbox. Since the security sandbox does not fully protect the Twig object, it is possible to interact with it (e.g., call methods, read/write attributes) through maliciously crafted Twig template directives injected into a web page. This allows an authenticated editor to add arbitrary functions to the Twig attribute system.twig.safe_filters, effectively bypassing the Grav CMS sandbox. This vulnerability is fixed in 1.8.0-beta.27.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66296 - Grav vulnerable to Privilege Escalation in Grav Admin: Missing Username Uniqueness Check Allows Admin Account Takeover

  CVE ID :CVE-2025-66296
  Published : Dec. 1, 2025, 9:15 p.m. | 8 hours, 13 minutes ago
  Description :Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users. A user with the create user permission can create a new account using the same username as an existing administrator account, set a new password/email, and then log in as that administrator. This effectively allows privilege escalation from limited user-manager permissions to full administrator access. This vulnerability is fixed in 1.8.0-beta.27.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66295 - Grav vulnerable to Path traversal / arbitrary YAML write via user creation leading to Account Takeover / System Corruption

  CVE ID :CVE-2025-66295
  Published : Dec. 1, 2025, 9:15 p.m. | 8 hours, 13 minutes ago
  Description :Grav is a file-based Web platform. Prior to 1.8.0-beta.27, when a user with privilege of user creation creates a new user through the Admin UI and supplies a username containing path traversal sequences (for example ..\Nijat or ../Nijat), Grav writes the account YAML file to an unintended path outside user/accounts/. The written YAML can contain account fields such as email, fullname, twofa_secret, and hashed_password. This vulnerability is fixed in 1.8.0-beta.27.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-66294 - Grav is vulnerable to RCE via SSTI through Twig Sandbox Bypass

  CVE ID :CVE-2025-66294
  Published : Dec. 1, 2025, 9:15 p.m. | 8 hours, 13 minutes ago
  Description :Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by unauthenticated attackers. This vulnerability stems from weak regex validation in the cleanDangerousTwig method. This vulnerability is fixed in 1.8.0-beta.27.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-55749 - The XWiki Jetty package (XJetty) allows accessing any application file through URL

  CVE ID :CVE-2025-55749
  Published : Dec. 1, 2025, 9:15 p.m. | 8 hours, 13 minutes ago
  Description :XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package (XJetty), a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials. Fixed in 16.10.11, 17.4.4, and 17.7.0.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-34297 - KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc

  CVE ID :CVE-2025-34297
  Published : Dec. 1, 2025, 7:15 p.m. | 10 hours, 13 minutes ago
  Description :KissFFT versions prior to the fix commit 1b083165 contain an integer overflow in kiss_fft_alloc() in kiss_fft.c on platforms where size_t is 32-bit. The nfft parameter is not validated before being used in a size calculation (sizeof(kiss_fft_cpx) * (nfft - 1)), which can wrap to a small value when nfft is large. As a result, malloc() allocates an undersized buffer and the subsequent twiddle-factor initialization loop writes nfft elements, causing a heap buffer overflow. This vulnerability only affects 32-bit architectures.
  Severity: 8.6 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-8351 - Scanning a malformed file in Avast Antivirus 8.3.70.94 on MacOS may result in remote code execution

  CVE ID :CVE-2025-8351
  Published : Dec. 1, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
  Description :Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.
  Severity: 9.0 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-63535 - "Blood Bank Management System SQL Injection Vulnerability"

  CVE ID :CVE-2025-63535
  Published : Dec. 1, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
  Description :A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The application fails to properly sanitize usersupplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.
  Severity: 9.6 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-63534 - Blood Bank Management System XSS

  CVE ID :CVE-2025-63534
  Published : Dec. 1, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
  Description :A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and error parameters, which are then executed in the victim's browser when the page is viewed.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-63533 - Blood Bank Management System XSS

  CVE ID :CVE-2025-63533
  Published : Dec. 1, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
  Description :A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the rname, remail, rpassword, rphone, rcity parameters, which are then executed in the victim's browser when the page is viewed.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-63532 - Apache Blood Bank Management System SQL Injection

  CVE ID :CVE-2025-63532
  Published : Dec. 1, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
  Description :A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.
  Severity: 9.6 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-57489 - Shirt Pocket SuperDuper! Privilege Escalation Vulnerability

  CVE ID :CVE-2025-57489
  Published : Dec. 1, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
  Description :Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary.
  Severity: 8.1 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-55222 - Socomec DIRIS Digiware M-70 Modbus TCP and RTU over TCP USB Function Denial of Service

  CVE ID :CVE-2025-55222
  Published : Dec. 1, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
  Description :A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus RTU over TCP on port 503.
  Severity: 8.6 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...