| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-66547 | Nextcloud Server users can modify tags on files that do not belong to them | nextcloud | security-advisories | Medium | 4.3 | 2025-12-05 16:32:17 | Deep Dive |
| CVE-2025-66512 | Nextcloud Server vulnerable to XSS in SVG images when opened outside of Nextcloud | nextcloud | security-advisories | Medium | 5.4 | 2025-12-05 16:22:50 | Deep Dive |
| CVE-2025-66510 | Nextcloud Server Contacts Search allowed users to retrieve contact information of other users beyond their contact list | nextcloud | security-advisories | Medium | 4.5 | 2025-12-05 16:18:54 | Deep Dive |
| CVE-2025-53939 | Kiteworks Core is vulnerable to Improper Input Validation | kiteworks | security-advisories | Medium | 6.3 | 2025-11-29 02:25:46 | Deep Dive |
| CVE-2025-53900 | Kiteworks MFT has a Privilege Defined With Unsafe Actions | kiteworks | security-advisories | Medium | 6.5 | 2025-11-29 02:25:35 | Deep Dive |
| CVE-2025-53899 | Kiteworks MFT is vulnerable to an Incorrectly Specified Destination in a Communication Channel | kiteworks | security-advisories | High | 7.2 | 2025-11-29 02:25:23 | Deep Dive |
| CVE-2025-53897 | Kiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerability | kiteworks | security-advisories | Medium | 6.8 | 2025-11-29 02:24:37 | Deep Dive |
| CVE-2025-53896 | Kiteworks MFT is vulnerable to Insufficient Session Expiration | kiteworks | security-advisories | High | 7.1 | 2025-11-29 02:24:18 | Deep Dive |
| CVE-2025-58051 | Nextcloud Tables app allowed to include local file via PhpSpreadsheet when importing a table | nextcloud | security-advisories | Medium | 6.5 | 2025-10-16 16:48:20 | Deep Dive |
| CVE-2025-53839 | DRACOON Branding Service vulnerable to Cross-site Scripting | dracoon | security-advisories | Medium | 4.0 | 2025-07-14 23:12:10 | Deep Dive |
| CVE-2025-47794 | Nextcloud Server vulnerable to insecure temporary file creation, race with write access and permission | nextcloud | security-advisories | Low | 2.6 | 2025-05-16 14:35:25 | Deep Dive |
| CVE-2025-47793 | Nextcloud Server and Groupfolders app vulnerable to bypass of group folder quota limit using attachment in text file | nextcloud | security-advisories | Medium | 4.3 | 2025-05-16 14:31:51 | Deep Dive |
| CVE-2025-47792 | Nextcloud Desktop 3rdparty applications can create share links via socket API | nextcloud | security-advisories | Medium | 5.0 | 2025-05-16 14:13:53 | Deep Dive |
| CVE-2025-47791 | Nextcloud Server's test remote endpoint is not rate limited | nextcloud | security-advisories | Medium | 4.3 | 2025-05-16 14:09:27 | Deep Dive |
| CVE-2025-47790 | Nextcloud Server doesn't request second factor after session timeout | nextcloud | security-advisories | Medium | 6.4 | 2025-05-16 14:02:58 | Deep Dive |
| CVE-2025-32377 | Rasa Pro Missing Authentication For Voice Connector APIs | RasaHQ | rasa-pro-security-advisories | Medium | 6.5 | 2025-04-18 19:59:32 | Deep Dive |
| CVE-2024-49375 | Remote Code Execution via Remote Model Loading in Rasa | RasaHQ | rasa-pro-security-advisories | Critical | 9.0 | 2025-01-14 18:59:53 | Deep Dive |
| CVE-2024-52509 | Nextcloud Mail app does not respect download permissions in shares | nextcloud | security-advisories | Low | 3.5 | 2024-11-15 17:37:47 | Deep Dive |
| CVE-2024-52508 | Nextcloud Mail auto configurator can be tricked into sending account information to wrong servers | nextcloud | security-advisories | High | 8.2 | 2024-11-15 17:34:22 | Deep Dive |
| CVE-2024-52510 | Nextcloud Desktop client behaves incorrectly if the initial end-to-end-encryption signature is empty | nextcloud | security-advisories | Medium | 4.2 | 2024-11-15 17:29:45 | Deep Dive |