Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.6 CVE-2025-39247

CVE-2025-39247_CVE-2025-39247

There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin per...

Hikvision HikCentral Professional Versions between V2.3.1 and V2.6.2 CVE
HIGH 7.5 CVE-2025-57215

CVE-2025-57215_CVE-2025-57215

Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info.

n/a n/a n/a CVE
HIGH 7.3 CVE-2025-58062

LSTM-Kirigaya’s openmcp-client Vulnerable to RCE in MCP Authorization Flow_CVE-2025-58062

LSTM-Kirigaya's openmcp-client is a VS Code plugin for MCP developers. Prior to version 0.1.12, when users on a Windows platform connect to an attack...

LSTM-Kirigaya openmcp-client < 0.1.12 CVE
HIGH 9 5DCEA730-3215-

Exploit for Improper Input Validation in Rubyonrails Rails_5DCEA730-3215-5132-B9F1-AADB5B27638E

🔐 Black Box Penetration Test on DVWA This repository documents a black-box...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 1CA6A369-9D78-

Exploit for Out-of-bounds Read in Google Chrome_1CA6A369-9D78-5B65-B1A2-2597271F60E6

🛡️ CVE-2025-5419 - Protect Your System From Threats 🚀 Getting Started To get started with...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 MS:CVE-2025-9478

Chromium: CVE-2025-9478 Use after free in ANGLE_MS:CVE-2025-9478

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
HIGH 8 TALOSBLOG:14385...

Link up, lift up, level up_TALOSBLOG:143856C8B230CB2AC76787734D246A76

Welcome to this week's edi...

N/A N/A TALOSBLOG
HIGH 7.5 CVE-2025-6203

Vault unauthenticated denial of service through complex json payload_CVE-2025-6203

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memo...

HashiCorp Vault 1.15.0 CVE
HIGH 10 THN:23D95FD4E57...

Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide_THN:23D95FD4E57F0F8AE6DD888993A1C4D1

The China-linked advanced ...

N/A N/A THN
HIGH 7.5 CVE-2025-58047

Volto affected by possible DoS by invoking specific URL by anonymous user_CVE-2025-58047

Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before...

plone volto < 16.34.0 CVE