0.0
CVE-2025-61894 -
Not used
0.0
CVE-2025-61889 -
Not used
0.0
CVE-2025-61890 -
Not used
0.0
CVE-2025-61895 -
Not used
0.0
CVE-2025-61888 -
Not used
0.0
CVE-2025-61887 -
Not used
9.8
CVE-2025-6388 - Spirit Framework <= 1.2.14 - Authentication Bypass to Account Takeover and Privilege Escalation
The Spirit Framework plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.2.14. This is due to the custom_actions() function not properly validating a user's identity prior to authenticating them to the site. This makes it possible for unauthenticated β¦
8.2
CVE-2025-0616 - SQLi in Teknolojik Center Telecommunication's B2B - Netsis Panel
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Teknolojik Center Telecommunication Industry Trade Co. Ltd. B2B - Netsis Panel allows SQL Injection.This issue affects B2B - Netsis Panel: through 20251003.Β NOTE: The vendor was contacted early aboβ¦
8.4
CVE-2025-11223 -
Installer of Panasonic AutoDownloader version 1.2.8 contains an issue with the DLL search path, which may lead to loading a crafted DLL file in the same directory.
5.9
CVE-2025-61589 - Cursor: Potential Information Leakage via Mermaid Diagram
Cursor is a code editor built for programming with AI. In versions 1.6 and below, Mermaid (a to render diagrams) allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled server througβ¦