| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-55078 | Incomplete validation of kernel object pointers in system calls | Eclipse Foundation | ThreadX | - | - | 2025-10-14 07:28:56 | Deep Dive |
| CVE-2025-11626 | Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.5 | 2025-10-10 22:33:26 | Deep Dive |
| CVE-2025-30001 | Apache StreamPark: Authenticated users can trigger remote command execution | Apache Software Foundation | Apache StreamPark | - | - | 2025-10-10 09:52:27 | Deep Dive |
| CVE-2025-62228 | Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers | Apache Software Foundation | Apache Flink CDC | - | - | 2025-10-09 13:15:50 | Deep Dive |
| CVE-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | Python Software Foundation | CPython | Medium | 4.3 | 2025-10-07 18:10:06 | Deep Dive |
| CVE-2025-1826 | IBM Jazz Foundation cross-site scripting | IBM | Jazz Foundation | Medium | 5.4 | 2025-10-07 17:50:01 | Deep Dive |
| CVE-2025-61735 | Apache Kylin: Server-Side Request Forgery | Apache Software Foundation | Apache Kylin | - | - | 2025-10-02 09:47:50 | Deep Dive |
| CVE-2025-61733 | Apache Kylin: Authentication bypass | Apache Software Foundation | Apache Kylin | - | - | 2025-10-02 09:47:39 | Deep Dive |
| CVE-2025-61734 | Apache Kylin: improper restriction of file read | Apache Software Foundation | Apache Kylin | - | - | 2025-10-02 09:47:15 | Deep Dive |
| CVE-2025-61622 | Apache Fory, Apache Fory: Python RCE via unguarded pickle fallback serializer in pyfory | Apache Software Foundation | Apache Fory | - | - | 2025-10-01 09:55:06 | Deep Dive |
| CVE-2025-41250 | Header injection vulnerability | VMware | vCenter | High | 8.5 | 2025-09-29 17:44:28 | Deep Dive |
| CVE-2025-41245 | VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246) | VMware | VMware Aria Operations | Medium | 4.9 | 2025-09-29 16:19:16 | Deep Dive |
| CVE-2025-41244 | VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246) | VMware | VCF operations | High | 7.8 | 2025-09-29 16:09:52 | Deep Dive |
| CVE-2025-54831 | Apache Airflow: Connection sensitive details exposed to users with READ permissions | Apache Software Foundation | Apache Airflow | 中危 | - | 2025-09-26 07:28:59 | Deep Dive |
| CVE-2025-58457 | Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands | Apache Software Foundation | Apache ZooKeeper | - | - | 2025-09-24 09:29:36 | Deep Dive |
| CVE-2025-48392 | Apache IoTDB: DoS Vulnerability | Apache Software Foundation | Apache IoTDB | - | - | 2025-09-24 07:59:53 | Deep Dive |
| CVE-2025-48459 | Apache IoTDB: Deserialization of untrusted Data | Apache Software Foundation | Apache IoTDB | - | - | 2025-09-24 07:57:24 | Deep Dive |
| CVE-2025-59328 | Apache Fory: Denial of Service (DoS) due to Deserialization of Untrusted malicious large Data | Apache Software Foundation | Apache Fory | - | - | 2025-09-15 16:26:58 | Deep Dive |
| CVE-2025-48208 | Apache HertzBeat (incubating): Jmx JNDI injection vulnerability | Apache Software Foundation | Apache HertzBeat (incubating) | - | - | 2025-09-09 09:31:36 | Deep Dive |
| CVE-2025-24404 | Apache HertzBeat (incubating): RCE by parse http sitemap xml response | Apache Software Foundation | Apache HertzBeat (incubating) | - | - | 2025-09-09 09:30:59 | Deep Dive |