Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.6 CVE-2025-50979

CVE-2025-50979

NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not p...

n/a n/a n/a CVE
HIGH 7 CVE-2025-51667

CVE-2025-51667

An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited S...

n/a n/a n/a CVE
HIGH 8.8 CVE-2025-55422

CVE-2025-55422

In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.

n/a n/a n/a CVE
HIGH 7.1 CVE-2025-58217

WordPress Instant Breaking News Plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows Stored XSS. This issue affects Instant Breaking News: f...

GeroNikolov Instant Breaking News n/a CVE
HIGH 7.2 CVE-2025-58218

WordPress Small Package Quotes – USPS Edition Plugin <= 1.3.9 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition allows Object Injection. This issue affect...

enituretechnology Small Package Quotes – USPS Edition n/a CVE
HIGH 9.3 062B064A-995D-

Exploit for CVE-2017-0144_062B064A-995D-529E-A82E-F63E45BB83CE

Metasploit Framework Cheatsheet Introduction Metasploit is...

N/A N/A GITHUBEXPLOIT
HIGH 8.3 CVE-2025-50983

CVE-2025-50983

SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fail...

n/a n/a n/a CVE
HIGH 8.8 475729AA-79CA-

Exploit for Path Traversal in Rarlab Winrar_475729AA-79CA-5313-A66B-5ED6FE5F29AD

CVE-2025-8088: WinRAR’s Zero-Day Path Traversal — From Zero to Pwn 🗿 Intro – The “Old Friend”...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 1F051EA7-460D-

Exploit for Path Traversal in Rarlab Winrar_1F051EA7-460D-5978-8385-AE36F61F4FFF

CVE-2025-8088 WinRAR Exploit 🔓 A proof-of-concept exploit for WinRAR vulnerability...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 CVE-2025-50989

CVE-2025-50989

OPNsense 25.1 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The spa...

n/a n/a n/a CVE