Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.9 CVE-2025-7376

Information Tampering Vulnerability in multiple processes of GENESIS64, MC Works64, and GENESIS_CVE-2025-7376

Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mits...

Mitsubishi Electric Corporation GENESIS64 all versions CVE
MEDIUM 6.4 CVE-2025-7727

Gutenverse <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks_CVE-2025-7727

The Gutenverse plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Fun Fact blocks in all versions...

jegstudio Gutenverse – Ultimate Block Addons and Page Builder for Site Editor * CVE
CRITICAL 9.3 CVE-2025-7768

Use of Hard-coded Credentials in Tigo Energy Cloud Connect Advanced_CVE-2025-7768

Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow unauthorized users to gain administrative access. This...

Tigo Energy Cloud Connect Advanced CVE
HIGH 8.7 CVE-2025-7769

Improper Neutralization of Special Elements used in a Command (‘Command Injection’) in Tigo Energy Cloud Connect Advanced_CVE-2025-7769

Tigo Energy's CCA is vulnerable to a command injection vulnerability in the /cgi-bin/mobile_api endpoint when the DEVICE_PING command is called, al...

Tigo Energy Cloud Connect Advanced CVE
HIGH 8.7 CVE-2025-7770

Predictable Seed in Pseudo-Random Number Generator (PRNG) in Tigo Energy Cloud Connect Advanced_CVE-2025-7770

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable met...

Tigo Energy Cloud Connect Advanced CVE
HIGH 7.5 CVE-2025-21452

Reachable Assertion in Modem_CVE-2025-21452

Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.

Qualcomm, Inc. Snapdragon 315 5G IoT Modem CVE
MEDIUM 6.1 CVE-2025-21457

Buffer Over-read in Automotive OS Platform Android_CVE-2025-21457

Information disclosure while opening a fastrpc session when domain is not sanitized.

Qualcomm, Inc. Snapdragon AR8035 CVE
HIGH 7.8 CVE-2025-21458

Use After Free in NPU_CVE-2025-21458

Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.

Qualcomm, Inc. Snapdragon FastConnect 6900 CVE
HIGH 7.8 CVE-2025-21461

Out-of-bounds Write in Camera_Linux_CVE-2025-21461

Memory corruption when programming registers through virtual CDM.

Qualcomm, Inc. Snapdragon FastConnect 6900 CVE
MEDIUM 6.5 CVE-2025-21465

Out-of-bounds Read in Core_CVE-2025-21465

Information disclosure while processing the hash segment in an MBN file.

Qualcomm, Inc. Snapdragon 315 5G IoT Modem CVE