CVEs from 2025
Total
8,834
critical
critical 1,313
high
high 1,950
medium
medium 1,966
low
low 200
% Critical
14.9%
% with KEV
2.1%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-68493 | unknown | — | — | 5mo ago | Apache Struts 2 is Missing XML Validation | |||
| CVE-2025-65091 | unknown | — | — | 5mo ago | XWiki Full Calendar Macro vulnerable to SQL injection through Calendar.JSONService | |||
| CVE-2025-65090 | unknown | — | — | 5mo ago | XWiki Full Calendar Macro vulnerable to data leak through Calendar.JSONService | |||
| CVE-2025-70974 | unknown | — | — | 5mo ago | FASTJSON Includes Functionality from Untrusted Control Sphere | |||
| CVE-2025-68158 | unknown | — | — | 5mo ago | Authlib is a Python library which builds OAuth and OpenID Connect servers. In versions 1.0.0 through 1.6.5, cache-backed state/request-token storage is not tied to the initiating user session, so CSR… | |||
| CVE-2025-12543 | unknown | — | — | 5mo ago | Undertow HTTP server core doesn't properly validate the Host header in incoming HTTP requests | |||
| CVE-2025-66560 | unknown | — | — | 5mo ago | Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write | |||
| CVE-2025-69230 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is… | |||
| CVE-2025-69229 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a … | |||
| CVE-2025-69228 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontro… | |||
| CVE-2025-69227 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS a… | |||
| CVE-2025-69226 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path no… | |||
| CVE-2025-69225 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There… | |||
| CVE-2025-69224 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII… | |||
| CVE-2025-69223 | unknown | — | — | 5mo ago | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be a… | |||
| CVE-2025-61916 | unknown | — | — | 5mo ago | Spinnaker vulnerable to SSRF due to improper restrictions on http from user input | |||
| CVE-2025-68280 | unknown | — | — | 5mo ago | Apache SIS has Improper Restriction of XML External Entity Reference vulnerability | |||
| CVE-2025-15022 | unknown | — | — | 5mo ago | Vaadin vulnerable to Cross-site Scripting | |||
| CVE-2025-66518 | unknown | — | — | 5mo ago | Apache Kyuubi Server vulnerable to Path Traversal | |||
| CVE-2025-47411 | unknown | — | — | 5mo ago | Apache StreamPipes has Improper Privilege Management issue | |||
| CVE-2025-68950 | unknown | — | — | 5mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a … | |||
| CVE-2025-68618 | unknown | — | — | 5mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7… | |||
| CVE-2025-67746 | unknown | — | — | 5mo ago | Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI cont… | |||
| CVE-2025-68351 | unknown | — | — | 5mo ago | In the Linux kernel, the following vulnerability has been resolved: exfat: fix refcount leak in exfat_find Fix refcount leaks in `exfat_find` related to `exfat_get_dentry_set`. Function `exfat_get… | |||
| CVE-2025-13467 | unknown | — | — | 6mo ago | Keycloak LDAP User Federation provider enables admin-triggered untrusted Java deserialization | |||
| CVE-2025-66524 | unknown | — | — | 6mo ago | Apache NiFi GetAsanaObject Processor has Remote Code Execution via Unsafe Deserialization | |||
| CVE-2025-68384 | unknown | — | — | 6mo ago | Elasticsearch has Excessive Allocation of Resources via Submission of Oversized User Settings Data | |||
| CVE-2025-68390 | unknown | — | — | 6mo ago | Elasticsearch privileged authenticated users can cause DoS through Excessive Resource Allocation | |||
| CVE-2025-68161 | unknown | — | — | 6mo ago | Apache Log4j does not verify the TLS hostname in its Socket Appender | |||
| CVE-2025-14763 | unknown | — | — | 6mo ago | Amazon S3 Encryption Client for Java has a Key Commitment Issue | |||
| CVE-2025-68154 | unknown | — | — | 6mo ago | systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command injection on Windows syste… | |||
| CVE-2025-68146 | unknown | — | — | 6mo ago | filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user … | |||
| CVE-2025-68142 | unknown | — | — | 6mo ago | PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the figure caption extension (`pymdownx.blocks.caption`).… | |||
| CVE-2025-68315 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in free_nid_list As reported, on-disk footer.ino and footer.nid is the same and out-o… | |||
| CVE-2025-68307 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of … | |||
| CVE-2025-68251 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted ima… | |||
| CVE-2025-68239 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: restore write access before closing files opened by open_exec() bm_register_write() opens an executable file using o… | |||
| CVE-2025-68201 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: remove two invalid BUG_ON()s Those can be triggered trivially by userspace. | |||
| CVE-2025-40347 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetc_mdio_lock After applying the workaround for err050089, the LS1028A platform experiences RCU… | |||
| CVE-2025-68113 | unknown | — | — | 6mo ago | ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay | |||
| CVE-2025-67735 | unknown | — | — | 6mo ago | Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder | |||
| CVE-2025-37731 | unknown | — | — | 6mo ago | Elasticsearch PKI Realm Authentication Bypass Vulnerability Allows User Impersonation Through Crafted Client Certificates | |||
| CVE-2025-14674 | unknown | — | — | 6mo ago | snail-job is vulnerable to Code Injection through QLExpressEngine.doEval function | |||
| CVE-2025-67721 | unknown | — | — | 6mo ago | aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer | |||
| CVE-2025-3586 | unknown | — | — | 6mo ago | Liferay Portal and DXP Instance Admin can execute code using Objects Actions and Validations | |||
| CVE-2025-53960 | unknown | — | — | 6mo ago | Apache StreamPark: Use the user’s password as the secret key Vulnerability | |||
| CVE-2025-40345 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes … | |||
| CVE-2025-54981 | unknown | — | — | 6mo ago | Apache StreamPark uses a Weak Encryption Algorithm | |||
| CVE-2025-54947 | unknown | — | — | 6mo ago | Apache StreamPark has a hard-coded encryption key | |||
| CVE-2025-26866 | unknown | — | — | 6mo ago | Apache HugeGraph-Server: RAFT and deserialization vulnerability | |||
| CVE-2025-67505 | unknown | — | — | 6mo ago | Race condition in the Okta Java SDK | |||
| CVE-2025-66033 | unknown | — | — | 6mo ago | Improper Memory Cleanup in the Okta Java SDK | |||
| CVE-2025-67641 | unknown | — | — | 6mo ago | Jenkins Coverage Plugin has a stored cross-site scripting (XSS) vulnerability | |||
| CVE-2025-67642 | unknown | — | — | 6mo ago | Jenkins HashiCorp Vault Plugin exposes system-scoped Vault credentials | |||
| CVE-2025-67643 | unknown | — | — | 6mo ago | Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability | |||
| CVE-2025-67638 | unknown | — | — | 6mo ago | Jenkins's build authorization token is stored and displayed in plain text | |||
| CVE-2025-67636 | unknown | — | — | 6mo ago | Jenkins is missing a permission check on password fields | |||
| CVE-2025-67639 | unknown | — | — | 6mo ago | Jenkins has a CSRF vulnerability on the login form | |||
| CVE-2025-67637 | unknown | — | — | 6mo ago | Jenkins's build authorization token is stored and displayed in plain text | |||
| CVE-2025-67635 | unknown | — | — | 6mo ago | Jenkins has a Denial of service vulnerability in HTTP-based CLI | |||
| CVE-2025-67640 | unknown | — | — | 6mo ago | Jenkins Git client Plugin has an OS command injection vulnerability on agents in Git client Plugin | |||
| CVE-2025-67713 | unknown | — | — | 6mo ago | Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirect_url as safe when url.Parse(...).IsAbs() is false, enabling phishing flows after login. Protocol-relative URLs like /… | |||
| CVE-2025-66628 | unknown | — | — | 6mo ago | ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in… | |||
| CVE-2025-66474 | unknown | — | — | 6mo ago | XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection | |||
| CVE-2025-66473 | unknown | — | — | 6mo ago | XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis | |||
| CVE-2025-66472 | unknown | — | — | 6mo ago | XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication | |||
| CVE-2025-66675 | unknown | — | — | 6mo ago | Apache Struts has a Denial of Service vulnerability | |||
| CVE-2025-14082 | unknown | — | — | 6mo ago | Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions | |||
| CVE-2025-13955 | unknown | — | — | 6mo ago | Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default pa… | |||
| CVE-2025-13954 | unknown | — | — | 6mo ago | Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI | |||
| CVE-2025-14307 | unknown | — | — | 6mo ago | An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attacke… | |||
| CVE-2025-14306 | unknown | — | — | 6mo ago | A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to travers… | |||
| CVE-2025-40281 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto syzbot reported a possible shift-out-of-bounds [1] Blame… | |||
| CVE-2025-40280 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_mon_reinit_self(). syzbot reported use-after-free of tipc_net(net)->monitors[] in tipc_mon_reini… | |||
| CVE-2025-40278 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . … | |||
| CVE-2025-66623 | unknown | — | — | 6mo ago | Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands | |||
| CVE-2025-66564 | unknown | — | — | 6mo ago | Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (whi… | |||
| CVE-2025-66506 | unknown | — | — | 6mo ago | Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.3, function identity.extractIssuerURL splits (via a call to str… | |||
| CVE-2025-66573 | unknown | — | — | 6mo ago | Solstice Pod API (version 5.5, 6.2) contains an unauthenticated API endpoint (`/api/config`) that exposes sensitive information such as the session key, server version, product details, and display n… | |||
| CVE-2025-66516 | unknown | — | — | 6mo ago | Apache Tika has XXE vulnerability | |||
| CVE-2025-40264 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pk… | |||
| CVE-2025-40263 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: Input: cros_ec_keyb - fix an invalid memory access If cros_ec_keyb_register_matrix() isn't called (due to `buttons_switches_only`… | |||
| CVE-2025-40262 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: Input: imx_sc_key - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an ad… | |||
| CVE-2025-40261 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits for pending I/O to com… | |||
| CVE-2025-40257 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcp_pm_del_add_timer() mptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, &entry->add_timer) while a… | |||
| CVE-2025-40254 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the set(nsh(...)) action is completely wr… | |||
| CVE-2025-40250 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on request_irq() failure The mlx5_irq_alloc() function can inadvertently free the entire rma… | |||
| CVE-2025-40214 | unknown | — | — | 6mo ago | In the Linux kernel, the following vulnerability has been resolved: af_unix: Initialise scc_index in unix_add_edge(). Quang Le reported that the AF_UNIX GC could garbage-collect a receive queue of … | |||
| CVE-2025-66453 | unknown | — | — | 6mo ago | Rhino has high CPU usage and potential DoS when passing specific numbers to `toFixed()` function | |||
| CVE-2025-65955 | unknown | — | — | 6mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests … | |||
| CVE-2025-13472 | unknown | — | — | 6mo ago | BlazeMeter Jenkins Plugin is Missing Authorization for Available Resources | |||
| CVE-2025-10939 | unknown | — | — | 6mo ago | Keycloak unable to restrict access to the admin console | |||
| CVE-2025-11538 | unknown | — | — | 6mo ago | Keycloak has debug default bind address | |||
| CVE-2025-55749 | unknown | — | — | 6mo ago | XWiki Jetty Package (XJetty) allows accessing any application file through URL | |||
| CVE-2025-64775 | unknown | — | — | 6mo ago | Apache Struts is Vulnerable to DoS via File Leak | |||
| CVE-2025-12183 | unknown | — | — | 6mo ago | LZ4 Java Compression has Out-of-bounds memory operations which can cause DoS | |||
| CVE-2025-66372 | unknown | — | — | 6mo ago | Mustangproject allows exfiltrating files via XXE attacks | |||
| CVE-2025-3261 | unknown | — | — | 6mo ago | ThingsBoard allows an authenticated user to upload malicious SVG images | |||
| CVE-2025-54057 | unknown | — | — | 6mo ago | Apache SkyWalking has a stored XSS vulnerability | |||
| CVE-2025-66035 | unknown | — | — | 6mo ago | Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF tok… |