| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-62119 | WordPress Add Featured Image Custom Link plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability | ViitorCloud Technologies Pvt Ltd | Add Featured Image Custom Link | Medium | 5.9 | 2025-12-31 13:43:18 | Deep Dive |
| CVE-2025-15357 | D-Link DI-7400G+ msp_info.htm command injection | D-Link | DI-7400G+ | Medium | 6.3 | 2025-12-30 21:02:09 | Deep Dive |
| CVE-2025-15245 | D-Link DCS-850L Firmware Update Service uploadfirmware path traversal | D-Link | DCS-850L | Low | 3.5 | 2025-12-30 11:02:17 | Deep Dive |
| CVE-2025-14175 | Weak Algorithm Support in SSH Server on TL-WR820N | TP-Link Systems Inc. | TL-WR820N v2.8 | 中危 | - | 2025-12-29 19:31:23 | Deep Dive |
| CVE-2025-15194 | D-Link DIR-600 HTTP Header hedwig.cgi stack-based overflow | D-Link | DIR-600 | Critical | 9.8 | 2025-12-29 15:32:10 | Deep Dive |
| CVE-2025-15193 | D-Link DWR-M920 formParentControl sub_423848 buffer overflow | D-Link | DWR-M920 | High | 8.8 | 2025-12-29 15:02:09 | Deep Dive |
| CVE-2025-15192 | D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 command injection | D-Link | DWR-M920 | Medium | 6.3 | 2025-12-29 14:32:08 | Deep Dive |
| CVE-2025-15191 | D-Link DWR-M920 formLtefotaUpgradeFibocom sub_4155B4 command injection | D-Link | DWR-M920 | Medium | 6.3 | 2025-12-29 14:02:07 | Deep Dive |
| CVE-2025-15190 | D-Link DWR-M920 formFilter sub_42261C stack-based overflow | D-Link | DWR-M920 | High | 8.8 | 2025-12-29 13:32:09 | Deep Dive |
| CVE-2025-15189 | D-Link DWR-M920 formDefRoute sub_464794 buffer overflow | D-Link | DWR-M920 | High | 8.8 | 2025-12-29 13:02:12 | Deep Dive |
| CVE-2025-68600 | WordPress Link Library plugin <= 7.8.7 - Server Side Request Forgery (SSRF) vulnerability | Yannick Lefebvre | Link Library | Medium | 4.9 | 2025-12-24 13:10:47 | Deep Dive |
| CVE-2025-68589 | WordPress WP Telegram Widget and Join Link plugin <= 2.2.12 - Broken Access Control vulnerability | WP Socio | WP Telegram Widget and Join Link | Medium | 5.3 | 2025-12-24 13:10:43 | Deep Dive |
| CVE-2025-68573 | WordPress Simple Keyword to Link plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability | Alessandro Piconi | Simple Keyword to Link | Medium | 5.4 | 2025-12-24 13:10:38 | Deep Dive |
| CVE-2023-53974 | D-Link DSL-124 ME_1.00 Backup Configuration File Disclosure via Unauthenticated Request | D-Link | DSL-124 Wireless N300 ADSL2+ | High | 7.5 | 2025-12-22 21:35:34 | Deep Dive |
| CVE-2025-14300 | Unauthenticated Access to connectAP API Endpoint on Tapo C100 and C200 | TP-Link Systems Inc. | Tapo C200 V3 | - | - | 2025-12-20 00:43:39 | Deep Dive |
| CVE-2025-14299 | Improper Content-Length Validation in HTTPS Requests on Tapo C200 | TP-Link Systems Inc. | Tapo C200 V3 | - | - | 2025-12-20 00:42:44 | Deep Dive |
| CVE-2025-8065 | Remote Code Execution via Stack-based Buffer Overflow in ONVIF SOAP Parser in TP-Link Tapo C200 and C520WS | TP-Link Systems Inc. | Tapo C200 V3 | - | - | 2025-12-20 00:41:57 | Deep Dive |
| CVE-2025-14739 | Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND | TP-Link Systems Inc. | WR940N and WR941ND | - | - | 2025-12-18 18:02:05 | Deep Dive |
| CVE-2025-14738 | Configuration Disclosure Vulnerability in TP-Link WA850RE | TP-Link Systems Inc. | WA850RE | - | - | 2025-12-18 18:01:19 | Deep Dive |
| CVE-2025-14737 | Command Injection Vulnerability in TP-Link WA850RE | TP-Link Systems Inc. | WA850RE | - | - | 2025-12-18 18:00:30 | Deep Dive |