Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2025-9485

OAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Authentication Bypass via get_resource_owner_from_id_token()

The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up...

cyberlord92 OAuth Single Sign On – SSO (OAuth Client) * CVE
CRITICAL 9.8 CVE-2025-56513

CVE-2025-56513

NiceHash QuickMiner 6.12.0 performs software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercep...

n/a n/a n/a CVE
CRITICAL 10 CVE-2025-49844

Redis Lua Use-After-Free may lead to remote code execution

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted ...

redis redis < 8.2.2 CVE
CRITICAL 9.8 3E219D78-A6C0-555F-8DD7-39A68EF19B20

Exploit for CVE-2025-8625

CVE-2025-8625 Copypress Rest API 1.1 - 1.2 - Missing Configurable JWT...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 PACKETSTORM:210147

Apache Pyfory 0.12.2 Remote Code Execution

This proof of concept exploit demonstrates...

N/A N/A PACKETSTORM
CRITICAL 9.8 521F25D0-F7F8-54D3-9F0E-9527272BE665

Exploit for OS Command Injection in Dell Unity_Operating_Environment

watchTowr-vs-Dell-UnityVSA-CVE-2025-36604...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.4 CVE-2025-10728

Uncontrolled recursion in Qt SVG module

When the module renders an SVG file that contains a element, it might end up rendering it recursively, leading to a stack overflow DoS.

The Qt Company Qt 6.7.0 CVE
CRITICAL 9.4 CVE-2025-10729

Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG

The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leadin...

The Qt Company Qt 6.7.0 CVE
CRITICAL 9.8 CVE-2025-9286

Appy Pie Connect for WooCommerce <= 1.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via reset_user_password

The Appy Pie Connect for WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the reset_user_...

hancock11 Appy Pie Connect for WooCommerce * CVE
CRITICAL 9.8 CVE-2025-9209

RestroPress – Online Food Ordering System 3.0.0 – 3.1.9.2 – Unauthenticated Information Exposure to Authentication Bypass via Forged JWT

The RestroPress – Online Food Ordering System plugin for WordPress is vulnerable to Authentication Bypass in versions 3.0.0 to 3.1.9.2. This is due...

magnigenie RestroPress – Online Food Ordering System 3.0.0 CVE