Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2025-21390

Microsoft Excel Remote Code Execution Vulnerability...

Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products
Published: Feb. 11, 2025

Modified: Jul. 01, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2025-21363

Microsoft Word Remote Code Execution Vulnerability...

Affected Products : office 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2024
Published: Jan. 14, 2025

Modified: Jul. 01, 2025

Vuln Type: Authentication
8.4

HIGH

CVE-2025-21362

Microsoft Excel Remote Code Execution Vulnerability...

Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products
Published: Jan. 14, 2025

Modified: Jul. 01, 2025

Vuln Type: Misconfiguration
6.7

MEDIUM

CVE-2025-21357

Microsoft Outlook Remote Code Execution Vulnerability...

Affected Products : office 365_apps outlook office_long_term_servicing_channel office_2024 office_2021 office_2019
Published: Jan. 14, 2025

Modified: Jul. 01, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-21356

Microsoft Office Visio Remote Code Execution Vulnerability...

Affected Products : office 365_apps office_long_term_servicing_channel office_2024 office_2021 office_2019
Published: Jan. 14, 2025

Modified: Jul. 01, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2025-21346

Microsoft Office Security Feature Bypass Vulnerability...

Affected Products : office 365_apps office_long_term_servicing_channel office_2016 office_2024 office_2021 office_2019
Published: Jan. 14, 2025

Modified: Jul. 01, 2025

Vuln Type: Authentication
7.8

HIGH

CVE-2025-21345

Microsoft Office Visio Remote Code Execution Vulnerability...

Affected Products : office 365_apps office_long_term_servicing_channel office_2024 office_2021 office_2019
Published: Jan. 14, 2025

Modified: Jul. 01, 2025
7.8

HIGH

CVE-2025-21186

Microsoft Access Remote Code Execution Vulnerability...

Affected Products : office access 365_apps office_long_term_servicing_channel access_2016 office_2024 office_2021 office_2019
Published: Jan. 14, 2025

Modified: Jul. 01, 2025
7.8

HIGH

CVE-2025-21394

Microsoft Excel Remote Code Execution Vulnerability...

Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products
Published: Feb. 11, 2025

Modified: Jul. 01, 2025
7.8

HIGH

CVE-2025-47176

'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally....

Affected Products : office 365_apps office_long_term_servicing_channel office_2024
Published: Jun. 10, 2025

Modified: Jul. 01, 2025

Vuln Type: Path Traversal
7.8

HIGH

CVE-2025-21392

Microsoft Office Remote Code Execution Vulnerability...

Affected Products : office 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 office_2016 office_2024 office_2021 office_2019
Published: Feb. 11, 2025

Modified: Jul. 01, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-21397

Microsoft Office Remote Code Execution Vulnerability...

Affected Products : office 365_apps office_long_term_servicing_channel office_2024 office_2021
Published: Feb. 11, 2025

Modified: Jul. 01, 2025
9.0

HIGH

CVE-2025-6886

A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-b...

Affected Products : ac5_firmware ac5
Published: Jun. 30, 2025

Modified: Jul. 01, 2025

Vuln Type: Memory Corruption
9.0

HIGH

CVE-2025-6887

A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The...

Affected Products : ac5_firmware ac5
Published: Jun. 30, 2025

Modified: Jul. 01, 2025

Vuln Type: Memory Corruption
6.3

MEDIUM

CVE-2025-3745

The WP Lightbox 2 WordPress plugin before 3.0.6.8 does not correctly sanitize the value of the title attribute of links before using them, which may allow malicious users to conduct XSS attacks....

Affected Products : wp_lightbox_2
Published: Jun. 30, 2025

Modified: Jul. 01, 2025

Vuln Type: Cross-Site Scripting
4.3

MEDIUM

CVE-2025-5730

The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks....

Affected Products : contact_form contact_form
Published: Jun. 30, 2025

Modified: Jul. 01, 2025

Vuln Type: Cross-Site Scripting
9.8

CRITICAL

CVE-2025-6897

A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has b...

Affected Products : di-7300g\+_firmware di-7300g\+
Published: Jun. 30, 2025

Modified: Jul. 01, 2025

Vuln Type: Injection
8.8

HIGH

CVE-2025-27607

Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the na...

Affected Products : python_json_logger
Published: Mar. 07, 2025

Modified: Jul. 01, 2025

Vuln Type: Supply Chain
9.8

CRITICAL

CVE-2025-6900

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initia...

Affected Products : library_system
Published: Jun. 30, 2025

Modified: Jul. 01, 2025
9.8

CRITICAL

CVE-2025-6906

A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotel...

Affected Products : car_rental_system
Published: Jun. 30, 2025

Modified: Jul. 01, 2025

Vuln Type: Injection

Showing 20 of 293967 Results

1
...
807
808
809
810
811
812
813
...
14699

Browse by Apps

Latest CVE Feed

7.8

7.8

8.4

6.7

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

9.0

9.0

6.3

4.3

9.8

8.8

9.8

9.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable