Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.8

    MEDIUM
    CVE-2025-6236

    The Hostel WordPress plugin before 1.1.5.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for e... Read more

    Affected Products : hostel
    • Published: Jul. 10, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-5865

    A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout ... Read more

    Affected Products : rt-thread
    • Published: Jun. 09, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-12835

    Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is requ... Read more

    Affected Products : drasimucad
    • Published: Dec. 30, 2024
    • Modified: Jul. 11, 2025

  • 7.8

    HIGH
    CVE-2024-12834

    Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required ... Read more

    Affected Products : drasimucad
    • Published: Dec. 30, 2024
    • Modified: Jul. 11, 2025

  • 7.8

    HIGH
    CVE-2024-12836

    Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required ... Read more

    Affected Products : drasimucad
    • Published: Dec. 30, 2024
    • Modified: Jul. 11, 2025

  • 9.8

    CRITICAL
    CVE-2025-5866

    A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index.... Read more

    Affected Products : rt-thread rt-thread
    • Published: Jun. 09, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-5867

    A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference.... Read more

    Affected Products : rt-thread rt-thread
    • Published: Jun. 09, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-5868

    A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validat... Read more

    Affected Products : rt-thread rt-thread
    • Published: Jun. 09, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-5869

    A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption.... Read more

    Affected Products : rt-thread rt-thread
    • Published: Jun. 09, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption

  • 6.8

    MEDIUM
    CVE-2025-29982

    Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.... Read more

    Affected Products : wyse_management_suite
    • Published: Apr. 02, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-29981

    Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information di... Read more

    Affected Products : wyse_management_suite
    • Published: Apr. 02, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Information Disclosure

  • 4.9

    MEDIUM
    CVE-2025-27693

    Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerabili... Read more

    Affected Products : wyse_management_suite
    • Published: Apr. 02, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2025-27694

    Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.... Read more

    Affected Products : wyse_management_suite
    • Published: Apr. 02, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Denial of Service

  • 7.2

    HIGH
    CVE-2025-27692

    Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service, Inf... Read more

    Affected Products : wyse_management_suite
    • Published: Apr. 02, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 7.3

    HIGH
    CVE-2025-47727

    Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.... Read more

    Affected Products : cncsoft
    • Published: Jun. 04, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 7.3

    HIGH
    CVE-2025-47725

    Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.... Read more

    Affected Products : cncsoft
    • Published: Jun. 04, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 7.3

    HIGH
    CVE-2025-47726

    Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.... Read more

    Affected Products : cncsoft
    • Published: Jun. 04, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 7.3

    HIGH
    CVE-2025-47724

    Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.... Read more

    Affected Products : cncsoft
    • Published: Jun. 04, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 7.3

    HIGH
    CVE-2025-47728

    Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.... Read more

    Affected Products : cncsoft-g2
    • Published: Jun. 04, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Misconfiguration

  • 8.4

    HIGH
    CVE-2025-22881

    Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to ... Read more

    Affected Products : cncsoft-g2
    • Published: Feb. 26, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291558 Results