| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-7940 | Genshin Albedo Cat House App com.house.auscat AndroidManifest.xml improper export of android application components | Genshin | Albedo Cat House App | Medium | 5.3 | 2025-07-21 21:02:06 | Deep Dive |
| CVE-2025-41459 | Insecure authentication due to missing bruteforce protection and runtime manipulation in Two App Studio Journey 5.5.6 for iOS | Two App Studio | Journey | High | 7.8 | 2025-07-21 11:01:29 | Deep Dive |
| CVE-2025-41458 | Insecure data storage vulnerability in Two App Studio Journey v5.5.9 for iOS | Two App Studio | Journey | Medium | 5.5 | 2025-07-21 11:01:14 | Deep Dive |
| CVE-2025-7893 | Foresight News App pro.foresightnews.appa AndroidManifest.xml improper export of android application components | Foresight | News App | Medium | 5.3 | 2025-07-20 13:44:05 | Deep Dive |
| CVE-2025-7892 | IDnow App de.idnow AndroidManifest.xml improper export of android application components | - | IDnow App | Medium | 5.3 | 2025-07-20 13:14:05 | Deep Dive |
| CVE-2025-7891 | InstantBits Web Video Cast App com.instantbits.cast.webvideo AndroidManifest.xml improper export of android application components | InstantBits | Web Video Cast App | Medium | 5.3 | 2025-07-20 13:02:06 | Deep Dive |
| CVE-2025-7890 | Dunamu StockPlus App com.dunamu.stockplus AndroidManifest.xml improper export of android application components | Dunamu | StockPlus App | Medium | 5.3 | 2025-07-20 12:44:06 | Deep Dive |
| CVE-2025-7889 | CallApp Caller ID App caller.id.phone.number.block AndroidManifest.xml improper export of android application components | CallApp | Caller ID App | Medium | 5.3 | 2025-07-20 12:32:06 | Deep Dive |
| CVE-2025-4657 | Lenovo Protection Driver 安全漏洞 | Lenovo | PC Manager | Medium | 6.7 | 2025-07-17 19:22:28 | Deep Dive |
| CVE-2025-53641 | Postiz allows header mutation in middleware facilitates resulting in SSRF | gitroomhq | postiz-app | High | 8.2 | 2025-07-11 17:28:20 | Deep Dive |
| CVE-2025-43856 | immich allows account hijacking through oauth2 | immich-app | immich | - | - | 2025-07-11 17:10:52 | Deep Dive |
| CVE-2025-31267 | Apple App Store Connect 安全漏洞 | Apple | App Store Connect | - | - | 2025-07-10 22:23:30 | Deep Dive |
| CVE-2025-0141 | GlobalProtect App: Privilege Escalation (PE) Vulnerability | Palo Alto Networks | GlobalProtect App | - | - | 2025-07-09 22:58:55 | Deep Dive |
| CVE-2025-0140 | GlobalProtect App: Non Admin User Can Disable the GlobalProtect App | Palo Alto Networks | GlobalProtect App | - | - | 2025-07-09 22:58:29 | Deep Dive |
| CVE-2025-48817 | Remote Desktop Client Remote Code Execution Vulnerability | Microsoft | Remote Desktop client for Windows Desktop | High | 8.8 | 2025-07-08 16:57:44 | Deep Dive |
| CVE-2025-7326 | EOL ASP.NET Core Elevation of Privilege Vulnerability | Microsoft | ASP.NET Core 6.0 | High | 7.0 | 2025-07-08 14:31:46 | Deep Dive |
| CVE-2025-6748 | Bharti Airtel Thanks App files cleartext storage in a file or on disk | Bharti Airtel | Thanks App | Low | 2.1 | 2025-06-27 01:31:06 | Deep Dive |
| CVE-2025-52477 | Octo-STS Vulnerable to Unauthenticated SSRF with HTTP Response Reflection in OIDC Flow | octo-sts | app | High | 8.6 | 2025-06-26 16:46:09 | Deep Dive |
| CVE-2025-49989 | WordPress App Builder plugin <= 5.5.6 - Broken Access Control vulnerability | App Cheap | App Builder | Medium | 5.3 | 2025-06-20 15:04:09 | Deep Dive |
| CVE-2025-4879 | Citrix Workspace App for Windows - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges | Citrix | Workspace App for Windows | - | - | 2025-06-17 13:03:00 | Deep Dive |