Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.5

MEDIUM

CVE-2025-5823

Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Com...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Authentication
8.8

HIGH

CVE-2025-5822

Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of Autel MaxiCharger AC Wallbox Commercial charg...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Authorization
7.5

HIGH

CVE-2025-5825

Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial charging st...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Misconfiguration
6.3

MEDIUM

CVE-2025-5826

Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commerci...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Injection
8.8

HIGH

CVE-2025-5827

Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Memory Corruption
6.8

MEDIUM

CVE-2025-5828

Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV c...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Memory Corruption
6.8

MEDIUM

CVE-2025-5829

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger A...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Memory Corruption
8.8

HIGH

CVE-2025-5830

Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wall...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Memory Corruption
7.5

HIGH

CVE-2025-6678

Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial char...

Affected Products : maxicharger_ac_elite_business_c50_firmware maxicharger_ac_elite_business_c50 maxicharger_ac_pro_firmware maxicharger_ac_pro maxicharger_ac_ultra_firmware maxicharger_ac_ultra maxicharger_dc_compact_mobile_firmware maxicharger_dc_compact_mobile maxicharger_dc_compact_pedestal_firmware maxicharger_dc_compact_pedestal +8 more products
Published: Jun. 25, 2025

Modified: Sep. 10, 2025

Vuln Type: Authentication
4.8

MEDIUM

CVE-2025-8919

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross...

Affected Products : i-diario
Published: Aug. 13, 2025

Modified: Sep. 10, 2025

Vuln Type: Cross-Site Scripting
5.4

MEDIUM

CVE-2025-8920

A vulnerability was identified in Portabilis i-Diario 1.6. Affected by this vulnerability is an unknown functionality of the file /dicionario-de-termos-bncc of the component Dicionário de Termos BNCC Page. The manipulation of the argument Planos de ensino...

Affected Products : i-diario
Published: Aug. 13, 2025

Modified: Sep. 10, 2025

Vuln Type: Cross-Site Scripting
9.1

CRITICAL

CVE-2025-54576

OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when usin...

Affected Products : oauth2_proxy
Published: Jul. 30, 2025

Modified: Sep. 10, 2025

Vuln Type: Authentication
7.8

HIGH

CVE-2025-8614

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privile...

Affected Products : nomachine
Published: Sep. 02, 2025

Modified: Sep. 10, 2025

Vuln Type: Misconfiguration
6.3

MEDIUM

CVE-2025-9109

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response dis...

Affected Products : i-diario
Published: Aug. 18, 2025

Modified: Sep. 10, 2025

Vuln Type: Authentication
5.5

MEDIUM

CVE-2025-55296

librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting (XSS) vulnerability exists in LibreNMS (<= 25.6.0) in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaS...

Affected Products : librenms
Published: Aug. 18, 2025

Modified: Sep. 10, 2025

Vuln Type: Cross-Site Scripting
6.5

MEDIUM

CVE-2025-20269

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file sy...

Affected Products : prime_infrastructure evolved_programmable_network_manager
Published: Aug. 20, 2025

Modified: Sep. 10, 2025

Vuln Type: Path Traversal
9.8

CRITICAL

CVE-2025-9994

The Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not have an authentication feature, allowing unauthorized access to anyone with network access....

Affected Products :
Published: Sep. 09, 2025

Modified: Sep. 10, 2025

Vuln Type: Authentication
8.7

HIGH

CVE-2025-7635

Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE....

Affected Products : gigacenter_ont
Published: Sep. 09, 2025

Modified: Sep. 10, 2025

Vuln Type: Authentication
9.8

CRITICAL

CVE-2025-59046

The npm package `interactive-git-checkout` is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via `npm install -g ...

Affected Products :
Published: Sep. 09, 2025

Modified: Sep. 10, 2025

Vuln Type: Injection
8.6

HIGH

CVE-2025-58761

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The `real_pms_image_proxy` endpoint in Tautulli v2.15.3 and prior is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the applicati...

Affected Products : tautulli
Published: Sep. 09, 2025

Modified: Sep. 10, 2025

Vuln Type: Path Traversal

Showing 20 of 293338 Results

1
...
5
6
7
8
9
10
11
...
14667

Browse by Apps

Latest CVE Feed

6.5

8.8

7.5

6.3

8.8

6.8

6.8

8.8

7.5

4.8

5.4

9.1

7.8

6.3

5.5

6.5

9.8

8.7

9.8

8.6

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable