Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2025-5948

Service Finder Bookings <= 6.0 - Unauthenticated Privilege Escalation via claim_business_CVE-2025-5948

The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6...

aonetheme Service Finder Bookings * CVE
CRITICAL 9.8 CVE-2025-54807

Dover Fueling Solutions ProGauge MagLink LX4 Devices Use of Hard-coded Cryptographic Key_CVE-2025-54807

The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing k...

Dover Fueling Solutions ProGauge MagLink LX 4 CVE
CRITICAL 9.8 CVE-2025-30519

Dover Fueling Solutions ProGauge MagLink LX4 Devices Use of Weak Credentials_CVE-2025-30519

Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. A...

Dover Fueling Solutions ProGauge MagLink LX 4 CVE
CRITICAL 9.8 CVE-2025-10690

Goza – Nonprofit Charity WordPress Theme <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation_CVE-2025-10690

The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to unauthorized arbitrary file uploads due to a missing capability c...

Bearsthemes Goza - Nonprofit Charity WordPress Theme * CVE
CRITICAL 10 CVE-2025-10035

Deserialization Vulnerability in GoAnywhere MFT’s License Servlet_CVE-2025-10035

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature ...

Fortra GoAnywhere MFT CVE
CRITICAL 10 4AF207A5-E197-

Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx_4AF207A5-E197-5F22-8135-3E390EDBF0EF

CVE-2025-57819_FreePBX.........

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 916B144F-C9DF-

Exploit for OS Command Injection in Magnussolution Magnusbilling_916B144F-C9DF-547C-A87A-1F70E9E4B705

This is a PoC exploit for CVE-2023-30258, an exploit targeting the Magnus Billing...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 THN:B3990C80D25...

SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers_THN:B3990C80D25F289A5F08D86FDD452E01

![SonicWall Urges Password Resets](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYI...

N/A N/A THN
CRITICAL 9.8 72A570C7-A22D-

Exploit for Code Injection in Foxcms_72A570C7-A22D-592D-9353-B314A8CF4773

Day06 — FoxCMS-style RCE (CVE-2025-29306) — Educational lab This...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 CVE-2025-23316

CVE-2025-23316_CVE-2025-23316

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code ex...

NVIDIA Triton Inference Server All versions prior to 25.08 CVE