| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-52580 | Gift Pad region PAY 日志信息泄露漏洞 | Gift Pad Co.,Ltd. | "region PAY" App for Android | 低危 | - | 2025-07-22 04:49:33 | Deep Dive |
| CVE-2025-41681 | Persistent Cross-Site Scripting via POST Requests Due to Improper Neutralization of Input | MB connect line | mbNET.mini | Medium | 4.8 | 2025-07-21 09:31:26 | Deep Dive |
| CVE-2025-41679 | Unauthenticated Buffer Overflow in Conftool Service Leading to Denial of Service | MB connect line | mbNET.mini | Medium | 5.3 | 2025-07-21 09:31:05 | Deep Dive |
| CVE-2025-41678 | SQL Injection via POST Requests Allowing Configuration Database Manipulation | MB connect line | mbNET.mini | Medium | 6.5 | 2025-07-21 09:30:44 | Deep Dive |
| CVE-2025-41677 | Resource Exhaustion via POST Requests to send-mail Action | MB connect line | mbNET.mini | Medium | 4.9 | 2025-07-21 09:30:29 | Deep Dive |
| CVE-2025-41676 | Resource Exhaustion via POST Requests to send-sms Action | MB connect line | mbNET.mini | Medium | 4.9 | 2025-07-21 09:30:07 | Deep Dive |
| CVE-2025-41675 | Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization | MB connect line | mbNET.mini | High | 7.2 | 2025-07-21 09:29:57 | Deep Dive |
| CVE-2025-41674 | Remote Command Injection in diagnostic Action Due to Improper Input Neutralization | MB connect line | mbNET.mini | High | 7.2 | 2025-07-21 09:29:43 | Deep Dive |
| CVE-2025-41673 | Remote Command Injection in send_sms Action Due to Improper Input Neutralization | MB connect line | mbNET.mini | High | 7.2 | 2025-07-21 09:29:32 | Deep Dive |
| CVE-2025-2818 | Motorola Smart Connect Android Application 安全漏洞 | Motorola | Smart Connect Android Application | Low | 3.5 | 2025-07-17 19:17:51 | Deep Dive |
| CVE-2025-5346 | File removal via path traversal in unsecured broadcast receiver in Bluebird barcode scanner application | Bluebird | kr.co.bluebird.android.bbsettings | - | - | 2025-07-17 12:45:57 | Deep Dive |
| CVE-2025-53891 | TIME LINE has Improper File Validation in Upload Section | TimeLineOfficial | Time-Line- | Medium | 4.3 | 2025-07-15 00:07:21 | Deep Dive |
| CVE-2025-49702 | Microsoft Office Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 7.8 | 2025-07-08 16:58:05 | Deep Dive |
| CVE-2025-49697 | Microsoft Office Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 8.4 | 2025-07-08 16:58:02 | Deep Dive |
| CVE-2025-49696 | Microsoft Office Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 8.4 | 2025-07-08 16:58:01 | Deep Dive |
| CVE-2025-49695 | Microsoft Office Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 8.4 | 2025-07-08 16:58:00 | Deep Dive |
| CVE-2025-49731 | Microsoft Teams Elevation of Privilege Vulnerability | Microsoft | Microsoft Teams for Android | Low | 3.1 | 2025-07-08 16:57:25 | Deep Dive |
| CVE-2025-30972 | WordPress Woocommerce Line Notify plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability | iamapinan | Woocommerce Line Notify | High | 7.1 | 2025-06-27 11:52:39 | Deep Dive |
| CVE-2025-52883 | Meshtastic-Android vulnerable to forged DMs with no PKC showing up as encrypted | meshtastic | Meshtastic-Android | Medium | 5.3 | 2025-06-24 20:13:00 | Deep Dive |
| CVE-2025-3092 | MB connect line: Observable response discrepancy in mbCONNECT24/mymbCONNECT24 | Helmholz | myREX24 | High | 7.5 | 2025-06-24 08:14:32 | Deep Dive |