Latest CVE Feed
-
6.5
MEDIUMCVE-2025-48108
Missing Authorization vulnerability in Mojoomla School Management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects School Management: from n/a through 93.2.0.... Read more
Affected Products :- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Authorization
-
4.8
MEDIUMCVE-2025-53813
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions. Acquired resource access ... Read more
Affected Products :- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Misconfiguration
-
4.7
MEDIUMCVE-2025-6247
The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthe... Read more
Affected Products : wordpress_automatic_plugin- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Cross-Site Request Forgery
-
4.8
MEDIUMCVE-2025-8597
MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inje... Read more
Affected Products : macvim- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Misconfiguration
-
4.8
MEDIUMCVE-2025-53811
The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC (Transparency, Consent, and Control) permissions. Acquired resource a... Read more
Affected Products :- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Misconfiguration