Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.6 CVE-2025-0165

IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data SQL injection_CVE-2025-0165

IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4, 4.8.5, and 5.0.0 through 5.2.0 is vulnerable to SQL injection. A remote attacke...

IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4 CVE
HIGH 7.8 9E42A4F0-2D6A-

Exploit for Link Following in Microsoft_9E42A4F0-2D6A-54CF-B221-B58097033A96

CVE-2025-48799 – Apache Tomcat Remote Code Execution (PoC) This repository...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 THN:3A65D63D8A6...

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices_THN:3A65D63D8A66367916BBE9C07FC21461

WhatsApp has addressed a s...

N/A N/A THN
HIGH 8.8 A04AEBD0-F12E-

Exploit for Out-of-bounds Write in Apple Safari_A04AEBD0-F12E-5FDF-8C3E-2423C0DA3176

(Original Fork Network Left) Glass Cage: Zero-Click PNG Exploit Chain...

N/A N/A GITHUBEXPLOIT
HIGH 7.8 CVE-2025-43268

CVE-2025-43268_CVE-2025-43268

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root...

Apple macOS unspecified CVE
HIGH 7.8 CVE-2025-43187

CVE-2025-43187_CVE-2025-43187

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Run...

Apple macOS unspecified CVE
HIGH 7.3 CVE-2025-40927

CGI::Simple versions 1.281 and earlier for Perl has a HTTP response splitting flaw_CVE-2025-40927

CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw. This vulnerability is a confirmed HTTP response splitting flaw in CGI...

MANWAR CGI::Simple CVE
HIGH 7.7 CVE-2025-58323

CVE-2025-58323_CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary file...

NAVER NAVER MYBOX Explorer 3.0.8.133 CVE
HIGH 7.3 CVE-2025-47909

Improper validation of TrustedOrigins allows CSRF attacks in github.com/gorilla/csrf_CVE-2025-47909

Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After...

github.com/gorilla/csrf github.com/gorilla/csrf CVE
HIGH 8.8 CVE-2025-34165

NetSupport Manager < 14.12.0000 Stack-Based Buffer Overflow_CVE-2025-34165

A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to ca...

NetSupport Ltd. NetSupport Manager 14.x CVE