Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2025-52053

CVE-2025-52053_CVE-2025-52053

TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_417D74 function via the file_name paramet...

n/a n/a n/a CVE
CRITICAL 9.1 CVE-2025-45583

CVE-2025-45583_CVE-2025-45583

Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using...

n/a n/a n/a CVE
CRITICAL 10 THN:5984C592802...

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More_THN:5984C5928028D8480F72C8FB920D5AB0

![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=) In a world where threats a...

N/A N/A THN
CRITICAL 9.8 CVE-2025-59359

OS command injection in Chaos Mesh via the cleanTcs mutation_CVE-2025-59359

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthent...

N/A N/A CVE
CRITICAL 9.8 CVE-2025-59360

OS command injection in Chaos Mesh via the killProcesses mutation_CVE-2025-59360

The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unaut...

N/A N/A CVE
CRITICAL 9.8 CVE-2025-59361

OS command injection in Chaos Mesh via the cleanIptables mutation_CVE-2025-59361

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unaut...

N/A N/A CVE
CRITICAL 9.3 CVE-2025-10432

Tenda AC1206 HTTP Request AdvSetMacMtuWa check_param_changed stack-based overflow_CVE-2025-10432

A vulnerability was found in Tenda AC1206 15.03.06.23. This vulnerability affects the function check_param_changed of the file /goform/AdvSetMacMtu...

Tenda AC1206 15.03.06.23 CVE
CRITICAL 9.3 CVE-2025-10452

Gotac|Statistical Database System – Missing Authentication_CVE-2025-10452

Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modif...

Gotac Statistical Database System CVE
CRITICAL 9.8 D3A49B37-8D51-

Exploit for CVE-2025-12654_D3A49B37-8D51-55C2-B230-299B4DC66E02

AnyDesk Exploit AnyDesk, remote access software, has faced security concerns like RCE...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 3A169241-BE57-

Exploit for Out-of-bounds Write in Mediatek Software_Development_Kit_3A169241-BE57-5AF9-93D8-F4F009207A27

What is...

N/A N/A GITHUBEXPLOIT