Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.5

MEDIUM

CVE-2025-43335

The issue was addressed by adding additional logic. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-sensitive data....

Affected Products : macos
Published: Nov. 04, 2025

Modified: Nov. 05, 2025

Vuln Type: Information Disclosure
5.5

MEDIUM

CVE-2025-21049

Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability....

Affected Products : android
Published: Oct. 10, 2025

Modified: Oct. 23, 2025

Vuln Type: Authorization
5.5

MEDIUM

CVE-2025-43379

This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. An app may be able to access protected user data....

Affected Products : macos iphone_os tvos watchos ipados visionos
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Path Traversal
5.5

MEDIUM

CVE-2025-55699

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +6 more products
Published: Oct. 14, 2025

Modified: Oct. 31, 2025
5.5

MEDIUM

CVE-2025-61155

Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local attackers to cause a denial of service by crashing arbitrary processes via sending crafted IOCTL requests....

Affected Products :
Published: Oct. 28, 2025

Modified: Oct. 30, 2025

Vuln Type: Denial of Service
5.5

MEDIUM

CVE-2025-12310

A security vulnerability has been detected in VirtFusion up to 6.0.2. This vulnerability affects unknown code of the file /account/_settings of the component Email Change Handler. The manipulation leads to improper restriction of excessive authentication ...

Affected Products :
Published: Oct. 27, 2025

Modified: Oct. 30, 2025

Vuln Type: Authentication
5.5

MEDIUM

CVE-2025-43334

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-sensitive data....

Affected Products : macos
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Authorization
5.5

MEDIUM

CVE-2025-43396

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. A sandboxed app may be able to access sensitive user data....

Affected Products : macos
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Authorization
5.5

MEDIUM

CVE-2025-59190

Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +11 more products
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
5.5

MEDIUM

CVE-2025-27041

Transient DOS while processing video packets received from video firmware....

Affected Products : qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +116 more products
Published: Oct. 09, 2025

Modified: Nov. 05, 2025

Vuln Type: Denial of Service
5.5

MEDIUM

CVE-2025-53061

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows high privileged attacker with net...

Affected Products : peoplesoft_enterprise_peopletools
Published: Oct. 21, 2025

Modified: Oct. 28, 2025
5.5

MEDIUM

CVE-2025-55683

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2016 windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_server_23h2 windows_server_2025
Published: Oct. 14, 2025

Modified: Oct. 27, 2025
5.5

MEDIUM

CVE-2025-59209

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +8 more products
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
5.5

MEDIUM

CVE-2025-60360

radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init....

Affected Products : radare2
Published: Oct. 17, 2025

Modified: Oct. 23, 2025

Vuln Type: Memory Corruption
5.5

MEDIUM

CVE-2025-47979

Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_server_2025
Published: Oct. 14, 2025

Modified: Oct. 20, 2025
5.5

MEDIUM

CVE-2025-59260

Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2016 windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_server_23h2 windows_server_2025
Published: Oct. 14, 2025

Modified: Oct. 20, 2025
5.5

MEDIUM

CVE-2025-59211

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +8 more products
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
5.5

MEDIUM

CVE-2025-59284

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally....

Affected Products : windows_11_22h2 windows_11_23h2 windows_11_24h2 windows_server_2025 windows_11_25h2
Published: Oct. 14, 2025

Modified: Oct. 27, 2025
5.5

MEDIUM

CVE-2025-59197

Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +6 more products
Published: Oct. 14, 2025

Modified: Oct. 30, 2025
5.5

MEDIUM

CVE-2025-59229

Uncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally....

Affected Products : 365_apps office_long_term_servicing_channel office_2024
Published: Oct. 14, 2025

Modified: Oct. 28, 2025

Showing 20 of 3903 Results

Browse by Apps

Latest CVE Feed

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

5.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable