Trending now
Top 10 CVEs trending on social media within the last 24 hours.
Trending (rank, CVE, severity, hype score over the last 24 hours, publication date, description, tags)

1. CVE-2025-5138 (Bitwarden)
   Severity: medium 5.1
   Hype score (last 24 hours): 37
   Published: May 25, 2025
   CVE-2025-5138 is a vulnerability found in Bitwarden versions up to 2.25.1. It affects the PDF File Handler component, where manipulation leads to a cross-site scripting (XSS) vulnerability. The attack can be launched remotely, and the exploit has been publicly disclosed. The vendor was notified about the vulnerability but reportedly did not respond.

2. CVE-2025-47577 (TemplateInvaders, WordPress)
   Severity: critical 10.0
   Hype score (last 24 hours): 32
   Published: May 19, 2025
   CVE-2025-47577 is an unrestricted file upload vulnerability found in the TemplateInvaders TI WooCommerce Wishlist plugin for WordPress, affecting versions up to 2.9.2. This vulnerability allows attackers to upload arbitrary files, including web shells, to the web server. Successful exploitation of this vulnerability could lead to remote code execution and potentially complete server compromise, allowing attackers to gain unauthorized system access, steal data, modify website content, or compromise the entire web infrastructure. The vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type).

3. CVE-2025-4919 (Firefox)
   Severity: high 8.8
   Hype score (last 24 hours): 27
   Published: May 17, 2025
   CVE-2025-4919 is an out-of-bounds access vulnerability found in Firefox. It occurs during the optimization of linear sums, which could allow an attacker to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. Successful exploitation of this vulnerability could permit an adversary to achieve out-of-bounds read or write, potentially leading to the access of sensitive information or memory corruption, which could pave the way for code execution. This vulnerability affects Firefox ESR versions before 115.23.1 and was credited to Manfred Paul.

4. CVE-2025-0655 (D-Tale; related: CVE-2024-55890)
   Hype score (last 24 hours): 27
   Published: Mar 20, 2025
   CVE-2025-0655 is a vulnerability that affects man-group's D-Tale software, specifically version 3.15.1. It allows an attacker to override global state settings to enable the `enable_custom_filters` feature, which is normally restricted to trusted environments. Once this feature is enabled, an attacker can exploit the `/test-filter` endpoint to execute arbitrary system commands. This leads to remote code execution (RCE). The vulnerability is addressed in version 3.16.1, which implements validation checks to prevent unauthorized updates to the `enable_custom_filters` setting. Note that CVE-2025-0655 was at one point rejected as a duplicate of CVE-2024-55890.

5. CVE-2025-20188 (Cisco IOS XE)
   Severity: critical 10.0
   Hype score (last 24 hours): 24
   Published: May 7, 2025
   CVE-2025-20188 is a vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs). It could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. The vulnerability exists because of a hard-coded JSON Web Token (JWT) on an affected system. An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges. The Out-of-Band AP Image Download feature must be enabled on the device for a successful exploit.

6. CVE-2025-40775 (BIND 9)
   Severity: high 7.5
   Hype score (last 24 hours): 23
   Published: May 21, 2025
   CVE-2025-40775 affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7. The vulnerability arises when BIND encounters an incoming DNS protocol message that includes a Transaction Signature (TSIG). Specifically, the vulnerability triggers when the TSIG contains an invalid value in the algorithm field. In such cases, BIND immediately aborts with an assertion failure.

7. CVE-2025-3935 (ScreenConnect)
   Severity: high 8.1
   Hype score (last 24 hours): 21
   Published: Apr 25, 2025
   CVE-2025-3935 affects ScreenConnect versions 25.2.3 and earlier. It is a ViewState code injection vulnerability in ASP.NET Web Forms. The ViewState feature is used to preserve the state of pages and controls, with data encoded in Base64 and protected by machine keys. If an attacker gains privileged system-level access and compromises these machine keys, they could create and send malicious ViewState data to the website. This could potentially lead to remote code execution on the server. ScreenConnect version 25.2.4 disables ViewState to remove any dependency on it.

8. CVE-2025-24071 (File Explorer, Windows)
   Severity: medium 6.5
   Hype score (last 24 hours): 19
   Published: Mar 11, 2025
   CVE-2025-24071 involves the exposure of sensitive information in Windows File Explorer, potentially allowing an attacker to perform spoofing over a network. This vulnerability arises from how Windows Explorer handles specially crafted .library-ms files within RAR/ZIP archives. When such an archive is extracted, Windows Explorer automatically parses the .library-ms file due to its indexing and preview mechanisms. If the .library-ms file contains a SimpleLocation tag pointing to an attacker-controlled SMB server, Windows Explorer attempts to resolve this path, triggering an NTLM authentication handshake and potentially sending the victim's NTLMv2 hash without explicit user interaction. This implicit trust and automatic processing of certain file types upon extraction can be exploited to leak credentials.

9. CVE-2025-32756 (Fortinet, FortiVoice)
   Severity: critical 9.8
   Exploit known
   Hype score (last 24 hours): 11
   Published: May 13, 2025
   CVE-2025-32756 is a stack-based buffer overflow vulnerability that affects multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary code or commands by sending specially crafted HTTP requests. Fortinet has observed active exploitation of this vulnerability in the wild, specifically targeting FortiVoice systems. During the exploitation of CVE-2025-32756, threat actors have been observed performing network scans, deleting system crash logs to conceal their activity, and enabling 'fcgi debugging' to log credentials. Additionally, they have been seen deploying malware, establishing cron jobs to harvest credentials, and using scripts to conduct network reconnaissance on compromised devices.

10. CVE-2024-50379 (Apache Tomcat)
   Severity: critical 9.8
   Hype score (last 24 hours): 11
   Published: Dec 17, 2024
   CVE-2024-50379 is a Time-of-check Time-of-use (TOCTOU) race condition vulnerability found in Apache Tomcat. It affects versions 11.0.0-M1 through 11.0.1, 10.1.0-M1 through 10.1.33, and 9.0.0.M1 through 9.0.97. The vulnerability can lead to Remote Code Execution (RCE) on case-insensitive file systems when the default servlet is enabled for write access, a configuration that is not enabled by default. An attacker could exploit this flaw to upload malicious code and trigger its execution, potentially compromising the server.