Latest Critical CVEs

• CVE-2025-61588 - risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`

  CVE ID :CVE-2025-61588
  Published : Oct. 2, 2025, 12:15 a.m. | 2 hours, 34 minutes ago
  Description :RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sys_read, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute arbitrary code within the guest. As sys_read is the mechanism by which input is requested by the guest, all guest programs built with the affected versions are vulnerable. This critically compromises the soundness guarantees of the guest program. Other affected packages include risc0-aggregation versions below 0.9, risc0-zkos-v1compat below 2.1.0, risc0-zkvm versions between 3.0.0-rc.1 and 3.0.1. This issue has been fixed in the following versions: risc0-zkvm-platform 2.1.0, risc0-zkos-v1compat 2.1.0, risc0-aggregation 0.9, and risc0-zkvm 2.3.2 and 3.0.3.
  Severity: 9.3 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-59951 - Termix' official Docker image contains an authentication bypass vulnerability

  CVE ID :CVE-2025-59951
  Published : Oct. 1, 2025, 10:15 p.m. | 4 hours, 35 minutes ago
  Description :Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for Termix versions 1.5.0 and below, due to being configured with an Nginx reverse proxy, causes the backend to retrieve the proxy's IP instead of the client's IP when using the req.ip method. This results in isLocalhost always returning True. Consequently, the /ssh/db/host/internal endpoint can be accessed directly without login or authentication. This endpoint records the system's stored SSH host information, including addresses, usernames, and passwords, posing an extremely high security risk. Users who use the official Termix docker image, build their own image using the official dockerfile, or utilize reverse proxy functionality will be affected by this vulnerability. This issue is fixed in version 1.6.0.
  Severity: 9.2 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-56588 - Dolibarr ERP & CRM Remote Code Execution Vulnerability

  CVE ID :CVE-2025-56588
  Published : Oct. 1, 2025, 8:18 p.m. | 6 hours, 32 minutes ago
  Description :Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-46205 - "podofo Heap-Use-After-Free Denial of Service"

  CVE ID :CVE-2025-46205
  Published : Oct. 1, 2025, 7:15 p.m. | 7 hours, 35 minutes ago
  Description :A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) via supplying a crafted PDF file.
  Severity: 8.1 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-60991 - Codazon Magento Themes Reflected Cross-Site Scripting (XSS)

  CVE ID :CVE-2025-60991
  Published : Oct. 1, 2025, 6:15 p.m. | 8 hours, 34 minutes ago
  Description :A reflected cross-site scripted (XSS) vulnerability in Codazon Magento Themes v1.1.0.0 to v2.4.7 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload injected into the cat parameter.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-57393 - Kissflow Work Platform Stored Cross-Site Scripting Vulnerability

  CVE ID :CVE-2025-57393
  Published : Oct. 1, 2025, 6:15 p.m. | 8 hours, 34 minutes ago
  Description :A stored cross-site scripting (XSS) in Kissflow Work Platform Kissflow Application Versions 7337 Account v2.0 to v4.2vallows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-28357 - Neto CMS CRLF Injection Vulnerability

  CVE ID :CVE-2025-28357
  Published : Oct. 1, 2025, 6:15 p.m. | 8 hours, 34 minutes ago
  Description :A CRLF injection vulnerability in Neto CMS v6.313.0 through v6.314.0 allows attackers to execute arbitrary code via supplying a crafted HTTP request.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-56515 - Fiora Chat Application SVG File Upload Code Execution Vulnerability

  CVE ID :CVE-2025-56515
  Published : Oct. 1, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
  Description :File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers (onmouseover) to be uploaded and stored. When rendered, these SVG files execute arbitrary JavaScript, enabling attackers to steal user sessions, cookies, and perform unauthorized actions in the context of users viewing affected profiles.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-59684 - DigiSigner ONE DLL Hijacking

  CVE ID :CVE-2025-59684
  Published : Oct. 1, 2025, 3:15 p.m. | 11 hours, 34 minutes ago
  Description :DigiSign DigiSigner ONE 1.0.4.60 allows DLL Hijacking.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-52042 - ERPNext SQL Injection Vulnerability

  CVE ID :CVE-2025-52042
  Published : Oct. 1, 2025, 3:15 p.m. | 11 hours, 34 minutes ago
  Description :In Frappe ERPNext 15.57.5, the function get_rfq_containing_supplier() at erpnext/buying/doctype/request_for_quotation/request_for_quotation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query via the txt parameter.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-52041 - ERPNext Stock Reconciliation SQL Injection Vulnerability

  CVE ID :CVE-2025-52041
  Published : Oct. 1, 2025, 3:15 p.m. | 11 hours, 34 minutes ago
  Description :In Frappe ERPNext 15.57.5, the function get_stock_balance_for() at erpnext/stock/doctype/stock_reconciliation/stock_reconciliation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the inventory_dimensions_dict parameter.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-52040 - ERPNext SQL Injection Vulnerability

  CVE ID :CVE-2025-52040
  Published : Oct. 1, 2025, 3:15 p.m. | 11 hours, 34 minutes ago
  Description :In Frappe ERPNext 15.57.5, the function get_blanket_orders() at erpnext/controllers/queries.py is vulnerable to SQL Injection, which allows an attacker can extract all information from databases by injecting a SQL query into the blanket_order_type parameter.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-52039 - Frappe ERPNext SQL Injection Vulnerability

  CVE ID :CVE-2025-52039
  Published : Oct. 1, 2025, 3:15 p.m. | 11 hours, 34 minutes ago
  Description :In Frappe ERPNext 15.57.5, the function get_material_requests_based_on_supplier() at erpnext/stock/doctype/material_request/material_request.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the txt parameter.
  Severity: 8.2 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-10847 - DX UIM Probe Improper ACL Handling RCE

  CVE ID :CVE-2025-10847
  Published : Oct. 1, 2025, 11:15 a.m. | 15 hours, 35 minutes ago
  Description :DX Unified Infrastructure Management (Nimsoft/UIM) and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-61622 - Apache Fory, Apache Fory: Python RCE via unguarded pickle fallback serializer in pyfory

  CVE ID :CVE-2025-61622
  Published : Oct. 1, 2025, 10:15 a.m. | 16 hours, 35 minutes ago
  Description :Deserialization of untrusted data in python in pyfory versions 0.12.0 through 0.12.2, or the legacy pyfury versions from 0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources. An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of `pickle.loads`, which is vulnerable to remote code execution. Users are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2020-36852 - Custom Searchable Data Entry System

  CVE ID :CVE-2020-36852
  Published : Oct. 1, 2025, 7:15 a.m. | 19 hours, 34 minutes ago
  Description :The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check and lack of sufficient validation on the ghazale_sds_delete_entries_table_row() function. This makes it possible for unauthenticated attackers to completely wipe database tables such as wp_users.
  Severity: 9.1 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-10538 - Authentication Bypass in LG Innotek Camera

  CVE ID :CVE-2025-10538
  Published : Oct. 1, 2025, 4:15 a.m. | 22 hours, 34 minutes ago
  Description :An authentication bypass vulnerability exists in LG Innotek camera models LND7210 and LNV7210R. The vulnerability allows a malicious actor to gain access to camera information including user account information.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-24525 - Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key

  CVE ID :CVE-2025-24525
  Published : Sept. 30, 2025, 11:15 p.m. | 1 day, 3 hours ago
  Description :Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available in Version 6.9.1, released on September 23, 2025.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-10659 - MegaSys Enterprises Telenium Online Web Application OS Command Injection

  CVE ID :CVE-2025-10659
  Published : Sept. 30, 2025, 8:15 p.m. | 1 day, 6 hours ago
  Description :The Telenium Online Web Application is vulnerable due to a PHP endpoint accessible to unauthenticated network users that improperly handles user-supplied input. This vulnerability occurs due to the insecure termination of a regular expression check within the endpoint. Because the input is not correctly validated or sanitized, an unauthenticated attacker can inject arbitrary operating system commands through a crafted HTTP request, leading to remote code execution on the server in the context of the web application service account.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-23293 - NVIDIA Delegated Licensing Service Privilege Escalation Information Disclosure Vulnerability

  CVE ID :CVE-2025-23293
  Published : Sept. 30, 2025, 6:15 p.m. | 1 day, 8 hours ago
  Description :NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...