Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2025-43340

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox....

Affected Products : macos
Published: Sep. 15, 2025

Modified: Sep. 17, 2025

Vuln Type: Authorization
7.8

HIGH

CVE-2025-53801

Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +1 more products
Published: Sep. 09, 2025

Modified: Sep. 11, 2025
7.8

HIGH

CVE-2025-55228

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally....

Affected Products : windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025
Published: Sep. 09, 2025

Modified: Sep. 11, 2025
7.8

HIGH

CVE-2025-9274

Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments Imaris Viewer. User interacti...

Affected Products : imaris_viewer
Published: Sep. 02, 2025

Modified: Sep. 15, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-54242

Premiere Pro versions 25.3, 24.6.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open...

Affected Products : macos premiere_pro windows
Published: Sep. 09, 2025

Modified: Sep. 15, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-54916

Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +7 more products
Published: Sep. 09, 2025

Modified: Sep. 11, 2025
7.8

HIGH

CVE-2025-54899

Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally....

Affected Products : office 365_apps excel office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 office_2019
Published: Sep. 09, 2025

Modified: Sep. 12, 2025
7.8

HIGH

CVE-2025-54908

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally....

Affected Products : office 365_apps powerpoint office_long_term_servicing_channel office_2024 office_2021 office_2019 powerpoint_2016
Published: Sep. 09, 2025

Modified: Sep. 12, 2025
7.8

HIGH

CVE-2025-54896

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally....

Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products
Published: Sep. 09, 2025

Modified: Sep. 12, 2025
7.8

HIGH

CVE-2025-43341

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges....

Affected Products : macos
Published: Sep. 15, 2025

Modified: Sep. 17, 2025

Vuln Type: Authorization
7.8

HIGH

CVE-2025-54092

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025
Published: Sep. 09, 2025

Modified: Sep. 11, 2025
7.8

HIGH

CVE-2025-43316

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26, visionOS 26. A malicious app may be able to gain root privileges....

Affected Products : macos visionos
Published: Sep. 15, 2025

Modified: Sep. 17, 2025

Vuln Type: Authorization
7.8

HIGH

CVE-2025-8892

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : shared_components
Published: Sep. 22, 2025

Modified: Sep. 22, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-43286

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox....

Affected Products : macos
Published: Sep. 15, 2025

Modified: Sep. 17, 2025

Vuln Type: Authorization
7.8

HIGH

CVE-2025-49692

Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally....

Affected Products : azure_connected_machine_agent
Published: Sep. 09, 2025

Modified: Sep. 11, 2025
7.8

HIGH

CVE-2025-54904

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally....

Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products
Published: Sep. 09, 2025

Modified: Sep. 12, 2025
7.8

HIGH

CVE-2025-43204

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox....

Affected Products : macos
Published: Sep. 15, 2025

Modified: Sep. 17, 2025
7.8

HIGH

CVE-2025-54098

Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products
Published: Sep. 09, 2025

Modified: Sep. 11, 2025
7.8

HIGH

CVE-2025-10491

The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, Mon...

Affected Products : mongodb
Published: Sep. 15, 2025

Modified: Sep. 16, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2025-50255

Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2.2.22 via crafted GET request....

Affected Products :
Published: Sep. 18, 2025

Modified: Sep. 19, 2025

Vuln Type: Cross-Site Request Forgery

Showing 20 of 4404 Results

Browse by Apps

Latest CVE Feed

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable