Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2025-8723

Cloudflare Image Resizing <= 1.5.6 - Missing Authentication to Unauthenticated Remote Code Execution via rest_pre_dispatch Hook_CVE-2025-8723

The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitizati...

mecanik Cloudflare Image Resizing – Optimize & Accelerate Your Images * CVE
CRITICAL 9.1 CVE-2025-54156

Santesoft Sante PACS Server Cleartext Transmission of Sensitive Information_CVE-2025-54156

The Sante PACS Server Web Portal sends credential information without encryption.

Santesoft Sante PACS Server CVE
CRITICAL 9.8 65FAD546-0AA8-

Exploit for CVE-2025-6934_65FAD546-0AA8-531B-9227-B4AAD843EB1B

# CVE-2025-6934 – WordPress Opal Estate Pro Exploit 📖 Description This repository contains a **Proof of Concept (PoC) exploit** for **CVE-20...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 9023DF99-28AF-

Exploit for Code Injection in Apache Rocketmq_9023DF99-28AF-5E08-A4DF-3ACF072B2F90

## Apache RocketMQ ...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 C5E2B848-F702-

Exploit for Cross-site Scripting in Redhat Keycloak_C5E2B848-F702-5076-ABAA-9F1EE23D7121

# Keycloak Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services. This repository contains the ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 91255BC8-23AA-

Exploit for Path Traversal in Alibabagroup One-Java-Agent_91255BC8-23AA-5E69-8182-76128154DDB6

# one-java-agent ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 570E0F80-DC1A-

Exploit for Path Traversal in Owasp Enterprise_Security_Api_570E0F80-DC1A-5BA6-B8B1-FCB7AD3225D8

Please note that: 1) The LICENSE file only refers to the licensing of the source and binary code of ESAPI. For example, the actual ESAPI JAR f...

N/A N/A GITHUBEXPLOIT
CRITICAL 9 6276B3AF-472D-

Exploit for Cross-site Scripting in Xwiki Commons_6276B3AF-472D-5204-999D-C8E1355D5525

# XWiki Commons [XWiki Commons](http://commons.xwiki.org/xwiki/bin/view/Main/) are technical libraries common to several other top level XWiki pro...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.6 1F444329-FF5F-

Exploit for Cross-site Scripting in Xwiki Xwiki-Rendering_1F444329-FF5F-578D-A932-7280A406CCA5

# XWiki Rendering [XWiki Rendering](http://rendering.xwiki.org/xwiki/bin/view/Main/) is a generic Rendering system that converts textual input in ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.3 EB484048-BFE6-

Exploit for CVE-2025-32778_EB484048-BFE6-585B-9A92-3600B22D8B68

# CVE-2025-32778 - Web-Check Command Injection Exploit ...

N/A N/A GITHUBEXPLOIT