Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8 CVE-2025-55177

CVE-2025-55177_CVE-2025-55177

Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78,...

Facebook WhatsApp Desktop for Mac 2.22.25.2 CVE
HIGH 7.3 CVE-2025-5808

Authentication Bypass vulnerability discovered in the OpenText™ Self-Service Password Reset_CVE-2025-5808

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass. This issue affects Self Service Passwo...

OpenText Self Service Password Reset 4.8 CVE
HIGH 8 F56D245E-F907-

Exploit for Link Following in Git-Scm Git_F56D245E-F907-5073-A7A2-F4F2B7E65489

CVE-2025-48384: Breaking git with a carriage return and...

N/A N/A GITHUBEXPLOIT
HIGH 10 893307A6-B119-

Exploit for Deserialization of Untrusted Data in Pyyaml_893307A6-B119-5FE5-9ECB-81FB8694DC6B

Vulnerable Python Project ⚠️ WARNING: This...

N/A N/A GITHUBEXPLOIT
HIGH 7.5 THN:2846E849DA8...

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page_THN:2846E849DA8C43F7A4DEA51B6CBBA4F9

Click Studios, the develop...

N/A N/A THN
HIGH 7.1 CVE-2025-53507

CVE-2025-53507_CVE-2025-53507

Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration informati...

iND Co.,Ltd HL330-DLS (for module MC7700) firmware version 1.03 and earlier CVE
HIGH 8.6 CVE-2025-53508

CVE-2025-53508_CVE-2025-53508

Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and ...

iND Co.,Ltd HL330-DLS (for module MC7700) firmware version 1.03 and earlier CVE
HIGH 8.7 CVE-2025-8858

Changing|Clinic Image System – SQL Injection_CVE-2025-8858

Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL comm...

Changing Clinic Image System CVE
HIGH 8.7 CVE-2025-9639

Ai3|QbiCRMGateway – Arbitrary File Reading through Path Traversal_CVE-2025-9639

The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path ...

Ai3 QbiCRMGateway 7.5.1 CVE
HIGH 8.6 CVE-2025-39247

CVE-2025-39247_CVE-2025-39247

There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin per...

Hikvision HikCentral Professional Versions between V2.3.1 and V2.6.2 CVE