Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-10535

    This vulnerability affects Firefox < 143.... Read more

    Affected Products : firefox
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 0.0

    NA
    CVE-2025-10534

    This vulnerability affects Firefox < 143 and Thunderbird < 143.... Read more

    Affected Products : firefox thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 8.8

    HIGH
    CVE-2025-10533

    This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 0.0

    NA
    CVE-2025-10532

    This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 0.0

    NA
    CVE-2025-10531

    This vulnerability affects Firefox < 143 and Thunderbird < 143.... Read more

    Affected Products : firefox thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 0.0

    NA
    CVE-2025-10530

    This vulnerability affects Firefox < 143 and Thunderbird < 143.... Read more

    Affected Products : firefox thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 0.0

    NA
    CVE-2025-10529

    This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 0.0

    NA
    CVE-2025-10528

    This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 7.1

    HIGH
    CVE-2025-10527

    This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025

  • 6.5

    MEDIUM
    CVE-2025-10290

    Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press This ... Read more

    Affected Products : firefox_focus
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Misconfiguration

  • 4.3

    MEDIUM
    CVE-2025-8446

    The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blaze_demo_importer_install_plugin' function in all versions up to, and including, 1.0.12. This makes it possible f... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-7744

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dolusoft Omaspot allows SQL Injection.This issue affects Omaspot: before 12.09.2025.... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Injection

  • 9.6

    CRITICAL
    CVE-2025-7743

    Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows Interception, Privilege Escalation.This issue affects Omaspot: before 12.09.2025.... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Cryptography

  • 5.4

    MEDIUM
    CVE-2025-6575

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dolusoft Omaspot allows Reflected XSS.This issue affects Omaspot: before 12.09.2025.... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.0

    HIGH
    CVE-2025-56706

    Edimax BR-6473AX v1.0.28 was discovered to contain a remote code execution (RCE) vulnerability via the Object parameter in the openwrt_getConfig function.... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Injection

  • 6.1

    MEDIUM
    CVE-2025-56697

    A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the /users/adminpanel/admin/home.php?page=feedbacks file of Kashipara Computer Base Test v1.0. Attackers can inject malicious scripts via the smyFeedbacks POST parameter in /users/home.ph... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2024-12913

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Network Management allows SQL Injection.This issue affects Azora Wireless Network Management: through 2025091... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Injection

  • 7.5

    HIGH
    CVE-2025-41249

    The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decis... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Authorization

  • 7.5

    HIGH
    CVE-2025-41248

    The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security an... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Authorization

  • 5.7

    MEDIUM
    CVE-2025-26711

    There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface.... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 16, 2025
    • Vuln Type: Authorization
Showing 20 of 294299 Results