Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.3 CVE-2025-55618

CVE-2025-55618_CVE-2025-55618

In Hyundai Navigation App STD5W.EUR.HMC.230516.afa908d, an attacker can inject HTML payloads in the profile name field in navigation app which then...

n/a n/a n/a CVE
HIGH 8.8 4B2CA779-8B93-

Exploit for Path Traversal in Rarlab Winrar_4B2CA779-8B93-556B-8EB9-57B92661FCF0

WinRAR Exploit Tool - Rust Edition Advanced WinRAR Path Traversal...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 82EC2AA2-F629-

Exploit for Path Traversal in Rarlab Winrar_82EC2AA2-F629-5075-976C-4D21100BFC5D

CVE-2025-8088 PoC (Educational Use Only) Details...

N/A N/A GITHUBEXPLOIT
HIGH 7.8 BAF5C962-0CAA-

Exploit for Out-of-bounds Write in Polkit_Project Polkit_BAF5C962-0CAA-52B7-AE6B-D340F9A1D195

Search Github for PoC based on provided query. Sorts results in decending order by number of stars. Provides the total number...

N/A N/A GITHUBEXPLOIT
HIGH 8.6 CVE-2025-50979

CVE-2025-50979_CVE-2025-50979

NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not p...

n/a n/a n/a CVE
HIGH 7 CVE-2025-51667

CVE-2025-51667_CVE-2025-51667

An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited S...

n/a n/a n/a CVE
HIGH 8.8 CVE-2025-55422

CVE-2025-55422_CVE-2025-55422

In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.

n/a n/a n/a CVE
HIGH 7.1 CVE-2025-58217

WordPress Instant Breaking News Plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability_CVE-2025-58217

Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows Stored XSS. This issue affects Instant Breaking News: f...

GeroNikolov Instant Breaking News n/a CVE
HIGH 7.2 CVE-2025-58218

WordPress Small Package Quotes – USPS Edition Plugin <= 1.3.9 - PHP Object Injection Vulnerability_CVE-2025-58218

Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition allows Object Injection. This issue affect...

enituretechnology Small Package Quotes – USPS Edition n/a CVE
HIGH 9.3 062B064A-995D-

Exploit for CVE-2017-0144_062B064A-995D-529E-A82E-F63E45BB83CE

Metasploit Framework Cheatsheet Introduction Metasploit is...

N/A N/A GITHUBEXPLOIT