Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.7 CVE-2025-57751

Denial-of-Service attack in pyLoad CNL Blueprint using dukpy.evaljs

pyLoad is the free and open-source Download Manager written in pure Python. The jk parameter is received in pyLoad CNL Blueprint. Due to the lack o...

pyload pyload < 0.5.0b3.dev92 CVE
HIGH 7.3 CVE-2025-55524

CVE-2025-55524

Insecure permissions in Agent-Zero v0.8.* allow attackers to arbitrarily reset the system via unspecified vectors.

n/a n/a n/a CVE
HIGH 8.3 CVE-2025-7051

N-central Syslog Configuration Insecure Direct Object Reference

On N-central, it is possible for any authenticated user to read, write and modify syslog configuration across customers on an N-central server. Thi...

N-able N-central 2024.6.0 CVE
HIGH 8 CVE-2025-55742

UnoPim Stored XSS via SVG MIME/Sanitizer Bypass

UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-s...

unopim unopim < 0.2.1 CVE
HIGH 7.3 CVE-2025-55743

UnoPim vulnerable to remote code execution through Arbitrary File upload

UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user cre...

unopim unopim < 0.2.1 CVE
HIGH 8.8 CVE-2025-55420

CVE-2025-55420

A Reflected Cross Site Scripting (XSS) vulnerability was found in /index.php in FoxCMS v1.2.6. When a crafted script is sent via a GET request, it ...

n/a n/a n/a CVE
HIGH 8.1 CVE-2025-57755

claude-code-router CORS misconfiguration

claude-code-router is a powerful tool to route Claude Code requests to different models and customize any request. Due to improper Cross-Origin Res...

musistudio claude-code-router < 1.0.34 CVE
HIGH 7.5 CVE-2025-48956

vLLM API endpoints vulnerable to Denial of Service Attacks

vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.10.1.1, a Denial of Service (DoS) vulnerability ca...

vllm-project vllm >= 0.1.0, < 0.10.1.1 CVE
HIGH 8.6 CVE-2025-55383

CVE-2025-55383

Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any loc...

n/a n/a n/a CVE
HIGH 8.8 MALWAREBYTES:70...

All Apple users should update after company patches zero-day vulnerability in all platforms_MALWAREBYTES:706BCD0DE2FB27440170B7A638B7B2F0

Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability (a vulnerability which Apple was previously unaware...

N/A N/A MALWAREBYTES