Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.0

    HIGH
    CVE-2025-45768

    pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library (admittedly, library users may benefit from a minimum value and a mechanism for optin... Read more

    Affected Products :
    • Published: Jul. 31, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Cryptography

  • 7.5

    HIGH
    CVE-2024-8176

    A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhaust... Read more

    • Published: Mar. 14, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Denial of Service

  • 5.4

    MEDIUM
    CVE-2022-29362

    A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter.... Read more

    Affected Products : zkeacms zkeacms
    • Published: May. 25, 2022
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-44444

    GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target mus... Read more

    Affected Products : gimp
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 9.8

    CRITICAL
    CVE-2025-52239

    An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.... Read more

    Affected Products : zkeacms
    • Published: Aug. 04, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 3.9

    LOW
    CVE-2025-44964

    A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.... Read more

    Affected Products : bluestacks
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Cryptography

  • 9.8

    CRITICAL
    CVE-2025-50706

    An issue in thinkphp v.5.1 allows a remote attacker to execute arbitrary code via the routecheck function... Read more

    Affected Products : thinkphp
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 9.8

    CRITICAL
    CVE-2025-50707

    An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index.php component... Read more

    Affected Products : thinkphp
    • Published: Aug. 05, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2023-44451

    Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit thi... Read more

    Affected Products : xreader
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-44452

    Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this ... Read more

    Affected Products : linuxmint xreader
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2023-50197

    Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the abi... Read more

    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 7.8

    HIGH
    CVE-2025-2760

    GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the targ... Read more

    Affected Products : gimp
    • Published: Apr. 23, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-2761

    GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the t... Read more

    Affected Products : gimp
    • Published: Apr. 23, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption

  • 8.0

    HIGH
    CVE-2025-5747

    WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. A... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 8.0

    HIGH
    CVE-2025-5748

    WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Although authenticatio... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-5749

    WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authe... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2023-50235

    Hancom Office Show PPT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Show. User interaction is required to expl... Read more

    Affected Products : office_word office_show
    • Published: May. 03, 2024
    • Modified: Aug. 14, 2025

  • 8.8

    HIGH
    CVE-2025-5750

    WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV ... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption

  • 6.8

    MEDIUM
    CVE-2025-5751

    WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger. Authentication ... Read more

    • Published: Jun. 06, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2024-45077

    IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is insta... Read more

    Affected Products : maximo_asset_management
    • Published: Jan. 24, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293284 Results