Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2025-57215

CVE-2025-57215_CVE-2025-57215

Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info.

n/a n/a n/a CVE
HIGH 7.3 CVE-2025-58062

LSTM-Kirigaya’s openmcp-client Vulnerable to RCE in MCP Authorization Flow_CVE-2025-58062

LSTM-Kirigaya's openmcp-client is a vscode plugin for mcp developer. Prior to version 0.1.12, when users on a Windows platform connect to an attack...

LSTM-Kirigaya openmcp-client < 0.1.12 CVE
HIGH 9 5DCEA730-3215-

Exploit for Improper Input Validation in Rubyonrails Rails_5DCEA730-3215-5132-B9F1-AADB5B27638E

🔐 Black Box Penetration Test on DVWA This repository documents a black-box...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 1CA6A369-9D78-

Exploit for Out-of-bounds Read in Google Chrome_1CA6A369-9D78-5B65-B1A2-2597271F60E6

🛡️ CVE-2025-5419 - Protect Your System From Threats 🚀 Getting Started To get started with...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 MS:CVE-2025-9478

Chromium: CVE-2025-9478 Use after free in ANGLE_MS:CVE-2025-9478

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
HIGH 8 TALOSBLOG:14385...

Link up, lift up, level up_TALOSBLOG:143856C8B230CB2AC76787734D246A76

Welcome to this week's edi...

N/A N/A TALOSBLOG
HIGH 7.5 CVE-2025-6203

Vault unauthenticated denial of service through complex json payload_CVE-2025-6203

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memo...

HashiCorp Vault 1.15.0 CVE
HIGH 10 THN:23D95FD4E57...

Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide_THN:23D95FD4E57F0F8AE6DD888993A1C4D1

The China-linked advanced ...

N/A N/A THN
HIGH 7.5 CVE-2025-58047

Volto affected by possible DoS by invoking specific URL by anonymous user_CVE-2025-58047

Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before...

plone volto < 16.34.0 CVE
HIGH 8.1 CVE-2025-58334

CVE-2025-58334_CVE-2025-58334

In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves

JetBrains IDE Services CVE