Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.3 HIGH
CVE-2025-67849 — Moodle: moodle: cross-site scripting (xss) via improper sanitization of ai prompt respons…

A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. …

moodle | Remote | Cross-Site Scripting
Feb 03, 2026 Feb 11, 2026
Feb 03, 2026
Feb 11, 2026
8.1 HIGH
CVE-2025-67848 — Moodle: moodle: authentication bypass via lti provider allows suspended users to gain una…

A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI a…

moodle | Remote | Authentication
Feb 03, 2026 Feb 11, 2026
Feb 03, 2026
Feb 11, 2026
7.1 HIGH
CVE-2025-59902 — HTML injection in NICE Chat

HTML injection vulnerability in NICE Chat. This vulnerability allows an attacker to inject and render arbitrary HTML content in email transcripts by modifying the 'firstName' and 'lastName' parameter…

Remote | Cross-Site Scripting
Feb 03, 2026 Feb 03, 2026
Feb 03, 2026
Feb 03, 2026
5.1 MEDIUM
CVE-2025-41065 — Stored Cross-Site Scripting (XSS) in LUNA from Luna Imaging

Stored Cross-Site Scripting (XSS) vulnerability type in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by inyecting a malicious paylo…

luna | Remote | Cross-Site Scripting
Feb 03, 2026 Feb 03, 2026
Feb 03, 2026
Feb 03, 2026
Showing 20 of 5264 Results