Latest CVE Feed
-
7.5
HIGHCVE-2025-11445
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotel... Read more
Affected Products :- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Injection
-
4.2
MEDIUMCVE-2025-3449
A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions.... Read more
Affected Products : automation_runtime- Published: Oct. 07, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Cryptography
-
9.3
CRITICALCVE-2025-10353
File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/s... Read more
Affected Products :- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Injection
-
6.1
MEDIUMCVE-2025-3448
Reflected cross-site scripting (XSS) vulnerabilities exist in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser ... Read more
Affected Products : automation_runtime- Published: Oct. 07, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Cross-Site Scripting