Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.4 MEDIUM
CVE-2025-68604 — WordPress WPGraphQL plugin <= 2.5.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WPGraphQL allows Cross Site Request Forgery. This issue affects WPGraphQL: from n/a through 2.5.3.

wpgraphql | Remote | Cross-Site Request Forgery
May 07, 2026 May 07, 2026
May 07, 2026
May 07, 2026
7.6 HIGH
CVE-2025-68060 — WordPress Team Member plugin <= 8.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through …

team_member_-_team_with_slider | Remote | Injection
May 07, 2026 May 07, 2026
May 07, 2026
May 07, 2026
5.3 MEDIUM
CVE-2025-66105 — WordPress Bus Ticket Booking with Seat Reservation plugin < 5.6.8 - Broken Access Control…

Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bus Ticket…

bus_ticket_booking_with_seat_reservation | Remote | Authorization
May 07, 2026 May 07, 2026
May 07, 2026
May 07, 2026
5.9 MEDIUM
CVE-2025-62127 — WordPress WEN Logo Slider plugin <= 3.4.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Themes WEN Logo Slider allows DOM-Based XSS. This issue affects WEN Logo Slider: from n/a th…

Remote | Cross-Site Scripting
May 07, 2026 May 07, 2026
May 07, 2026
May 07, 2026
5.3 MEDIUM
CVE-2025-2514 — Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachi Virtua…

Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platfor…

virtual_storage_one_block vsp_g130_firmware vsp_g130 vsp_g150_firmware vsp_g150 vsp_g350_firmware +33 more | Remote | Authentication
May 07, 2026 May 13, 2026
May 07, 2026
May 13, 2026
9.8 CRITICAL
CVE-2025-1978 — Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance cons…

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Vi…

virtual_storage_one_block vsp_g130_firmware vsp_g130 vsp_g150_firmware vsp_g150 vsp_g350_firmware +33 more | Remote | Injection
May 07, 2026 May 13, 2026
May 07, 2026
May 13, 2026
8.0 HIGH
CVE-2024-43384 — Phoenix Contact: Improper removal of sensitive information in MGUARD products

A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.

tc_mguard_rs4000_4g_vzw_vpn_firmware tc_mguard_rs4000_4g_att_vpn_firmware fl_mguard_rs4004_tx\/dtx_firmware fl_mguard_rs4004_tx\/dtx_vpn_firmware tc_mguard_rs4000_3g_vpn_firmware tc_mguard_rs4000_4g_vpn_firmware +68 more | Remote | Information Disclosure
May 07, 2026 May 11, 2026
May 07, 2026
May 11, 2026
Showing 20 of 7227 Results