| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-7326 | EOL ASP.NET Core Elevation of Privilege Vulnerability | Microsoft | ASP.NET Core 6.0 | High | 7.0 | 2025-07-08 14:31:46 | Deep Dive |
| CVE-2025-6748 | Bharti Airtel Thanks App files cleartext storage in a file or on disk | Bharti Airtel | Thanks App | Low | 2.1 | 2025-06-27 01:31:06 | Deep Dive |
| CVE-2025-52477 | Octo-STS Vulnerable to Unauthenticated SSRF with HTTP Response Reflection in OIDC Flow | octo-sts | app | High | 8.6 | 2025-06-26 16:46:09 | Deep Dive |
| CVE-2025-49989 | WordPress App Builder plugin <= 5.5.6 - Broken Access Control vulnerability | App Cheap | App Builder | Medium | 5.3 | 2025-06-20 15:04:09 | Deep Dive |
| CVE-2025-4879 | Citrix Workspace App for Windows - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges | Citrix | Workspace App for Windows | - | - | 2025-06-17 13:03:00 | Deep Dive |
| CVE-2025-4227 | GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement | Palo Alto Networks | GlobalProtect App | - | - | 2025-06-13 05:50:52 | Deep Dive |
| CVE-2025-4232 | GlobalProtect: Authenticated Code Injection Through Wildcard on macOS | Palo Alto Networks | GlobalProtect App | - | - | 2025-06-12 23:22:35 | Deep Dive |
| CVE-2025-4613 | Client side RCE in Google Web Designer App | Web Designer App | - | - | 2025-06-12 09:06:05 | Deep Dive | |
| CVE-2025-47956 | Windows Security App Spoofing Vulnerability | Microsoft | Windows Security App | Medium | 5.5 | 2025-06-10 17:02:26 | Deep Dive |
| CVE-2025-32715 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Microsoft | Remote Desktop client for Windows Desktop | Medium | 6.5 | 2025-06-10 17:02:11 | Deep Dive |
| CVE-2025-5864 | Tenda TDSEE App Password Reset Confirmation Code ConfirmSmsCode excessive authentication | Tenda | TDSEE App | Low | 3.7 | 2025-06-09 06:00:17 | Deep Dive |
| CVE-2025-5715 | Signal App Biometric Authentication missing critical step in authentication | Signal | App | Low | 3.8 | 2025-06-06 03:00:20 | Deep Dive |
| CVE-2025-48889 | Gradio Allows Unauthorized File Copy via Path Manipulation | gradio-app | gradio | Medium | 5.3 | 2025-05-30 06:12:33 | Deep Dive |
| CVE-2025-5320 | gradio-app gradio CORS is_valid_origin privilege escalation | gradio-app | gradio | Low | 3.7 | 2025-05-29 13:31:05 | Deep Dive |
| CVE-2025-4009 | Unauthenticated Arbitrary Command Injection in Evertz SDVN | Evertz | 3080ipx-10G | - | - | 2025-05-28 07:00:33 | Deep Dive |
| CVE-2025-5154 | PhonePe App SQLite Database databases cleartext storage in a file or on disk | - | PhonePe App | Low | 2.3 | 2025-05-25 18:31:05 | Deep Dive |
| CVE-2025-4975 | Tapo privilege escalation on shared devices using notifications | TP-Link Systems Inc. | TP-Link Tapo app | - | - | 2025-05-22 21:17:53 | Deep Dive |
| CVE-2025-48127 | WordPress Push notification for Mobile and Web app plugin <= 2.0.3 - Broken Access Control vulnerability | App Cheap | Push notification for Mobile and Web app | Medium | 6.5 | 2025-05-16 15:45:11 | Deep Dive |
| CVE-2025-0135 | GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App | Palo Alto Networks | GlobalProtect App | - | - | 2025-05-14 18:08:33 | Deep Dive |
| CVE-2025-29967 | Remote Desktop Client Remote Code Execution Vulnerability | Microsoft | Remote Desktop client for Windows Desktop | High | 8.8 | 2025-05-13 16:58:32 | Deep Dive |