Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 ACE2808D-D8E7-

Exploit for Code Injection in Langflow_ACE2808D-D8E7-5480-A37E-6C2F309255FE

CVE-2025-3248 Introduction...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.3 CVE-2025-10156

PickleScan Security Bypass via Bad CRC in ZIP Archive_CVE-2025-10156

An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacke...

mmaitre314 picklescan CVE
CRITICAL 9.3 CVE-2025-10155

PickleScan Security Bypass Using Misleading File Extension_CVE-2025-10155

An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attac...

mmaitre314 picklescan CVE
CRITICAL 9.3 CVE-2025-9242

WatchGuard Firebox iked Out of Bounds Write Vulnerability_CVE-2025-9242

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerab...

WatchGuard Fireware OS 12.0 CVE
CRITICAL 9.3 CVE-2025-9972

Planet Technology|Industrial Cellular Gateway – OS Command Injection_CVE-2025-9972

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to i...

Planet Technology ICG-2510WG-LTE (EU/US) CVE
CRITICAL 9.3 CVE-2025-9971

Planet Technology|Industrial Cellular Gateway – Missing Authentication_CVE-2025-9971

Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing Authentication vulnerability, allowing unauthenticated ...

Planet Technology ICG-2510WG-LTE (EU/US) CVE
CRITICAL 9.1 CVE-2025-8699

CVE-2025-8699_CVE-2025-8699

Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers could potentially use this vulnerability to change ...

KioSoft Stored Value Unattended Payment Solution Current firmware/hardware as of Q2/2025 CVE
CRITICAL 9.3 CVE-2025-34183

Ilevia EVE X1 Server 4.7.18.0.eden Credentials Leak Through Log Disclosure_CVE-2025-34183

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a vulnerability in its server-side logging mechanism that allows unauthenticated remote attac...

Ilevia Srl. EVE X1 Server * CVE
CRITICAL 9.3 CVE-2025-34184

Ilevia EVE X1 Server 4.7.18.0.eden Neuro-Core Unauthenticated Code Injection_CVE-2025-34184

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remo...

Ilevia Srl. EVE X1 Server * CVE
CRITICAL 9.8 CVE-2025-43342

CVE-2025-43342_CVE-2025-43342

A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 2...

Apple iOS and iPadOS unspecified CVE