Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.8 CRITICAL
CVE-2025-41275 — Nozomi Networks Waterfall WF-500 OS Command Injection Vulnerability

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
9.8 CRITICAL
CVE-2025-41274 — Nozomi Networks Labs Waterfall WF-500 OS Command Injection

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
9.8 CRITICAL
CVE-2025-41273 — Nozomi Networks Labs Nozomi Waterfall Authentication Bypass

Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows…

wf-500_firmware wf-500 | Remote | Authentication
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
9.8 CRITICAL
CVE-2025-41272 — Nozomi Networks Waterfall WF-500 OS Command Injection

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
8.7 HIGH
CVE-2025-41271 — Nozomi Networks Waterfall WF-500 Relative Path Traversal

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers …

wf-500_firmware wf-500 | Remote | Path Traversal
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
9.8 CRITICAL
CVE-2025-41270 — Nozomi Networks Waterfall WF-500 OS Command Injection

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
9.8 CRITICAL
CVE-2025-41269 — Nozomi Networks Waterfall WF-500 OS Command Injection

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
9.1 CRITICAL
CVE-2025-41268 — Nozomi Networks Waterfall WF-500 RX Host Relative Path Traversal Remote File Deletion

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated att…

wf-500_firmware wf-500 | Remote | Path Traversal
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
8.5 HIGH
CVE-2025-41267 — Nozomi Networks Waterfall WF-500 OS Command Injection

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
8.6 HIGH
CVE-2025-41266 — Nozomi Networks Waterfall WF-500 TX Host OS Command Injection

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
8.6 HIGH
CVE-2025-41265 — Nozomi Networks Waterfall WF-500 TX Host OS Command Injection

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version…

wf-500_firmware wf-500 | Remote | Injection
May 29, 2026 Jun 01, 2026
May 29, 2026
Jun 01, 2026
Showing 20 of 7371 Results