| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-59510 | Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability | Microsoft | Windows 10 Version 1607 | Medium | 5.5 | 2025-11-11 17:59:18 | Deep Dive |
| CVE-2025-59509 | Windows Speech Recognition Information Disclosure Vulnerability | Microsoft | Windows 10 Version 1809 | Medium | 5.5 | 2025-11-11 17:59:17 | Deep Dive |
| CVE-2025-59508 | Windows Speech Recognition Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.0 | 2025-11-11 17:59:16 | Deep Dive |
| CVE-2025-59507 | Windows Speech Runtime Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.0 | 2025-11-11 17:59:16 | Deep Dive |
| CVE-2025-59506 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.0 | 2025-11-11 17:59:15 | Deep Dive |
| CVE-2025-59505 | Windows Smart Card Reader Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.8 | 2025-11-11 17:59:13 | Deep Dive |
| CVE-2025-11168 | Mementor Core <= 2.2.5 - Authenticated (Subscriber+) Privilege Escalation | mvirik | Mementor Core | High | 8.8 | 2025-11-11 03:30:34 | Deep Dive |
| CVE-2025-64518 | CycloneDX Core (Java): BOM validation is vulnerable to XML External Entity injection | CycloneDX | cyclonedx-core-java | High | 7.5 | 2025-11-10 22:08:06 | Deep Dive |
| CVE-2025-64493 | SuiteCRM is Vulnerable to Authenticated Blind SQL Injection via GraphQL | SuiteCRM | SuiteCRM-Core | Medium | 6.5 | 2025-11-08 01:16:23 | Deep Dive |
| CVE-2025-64492 | SuiteCRM is Vulnerable to Authenticated Time Based Blind SQL Injection | SuiteCRM | SuiteCRM-Core | High | 8.8 | 2025-11-08 01:07:23 | Deep Dive |
| CVE-2025-62051 | WordPress UDesign Core plugin <= 4.14.1 - Cross Site Scripting (XSS) vulnerability | AndonDesign | UDesign Core | 中危 | - | 2025-11-06 15:55:47 | Deep Dive |
| CVE-2025-58627 | WordPress Miraculous Core Plugin plugin < 2.0.9 - Insecure Direct Object References (IDOR) vulnerability | kamleshyadav | Miraculous Core Plugin | 中危 | - | 2025-11-06 15:54:24 | Deep Dive |
| CVE-2025-11093 | Arbitrary Code Execution with higher privileged users in Multiple WSO2 Products via Script Mediator Engines (GraalJS and NashornJS) | WSO2 | WSO2 Micro Integrator | High | 8.4 | 2025-11-05 18:31:18 | Deep Dive |
| CVE-2025-10907 | Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Services Leading to Remote Code Execution | WSO2 | WSO2 API Manager | High | 8.4 | 2025-11-05 18:03:50 | Deep Dive |
| CVE-2025-8900 | Doccure Core < 1.5.4 - Unauthenticated Privilege Escalation | dreamstechnologies | Doccure Core | Critical | 9.8 | 2025-11-03 14:26:38 | Deep Dive |
| CVE-2025-64220 | WordPress Rey Core plugin <= 3.1.8 - Cross Site Scripting (XSS) vulnerability | ReyCommerce | Rey Core | - | - | 2025-10-29 08:38:10 | Deep Dive |
| CVE-2025-59580 | WordPress Goodlayers Core plugin < 2.1.7 - Privilege Escalation vulnerability | GoodLayers | Goodlayers Core | - | - | 2025-10-22 14:32:40 | Deep Dive |
| CVE-2025-59571 | WordPress WorkScout-Core plugin < 1.7.06 - Cross Site Scripting (XSS) vulnerability | purethemes | WorkScout-Core | - | - | 2025-10-22 14:32:39 | Deep Dive |
| CVE-2025-53234 | WordPress UDesign Core plugin <= 4.14.0 - Cross Site Scripting (XSS) vulnerability | AndonDesign | UDesign Core | - | - | 2025-10-22 14:32:30 | Deep Dive |
| CVE-2025-53236 | WordPress UDesign Core plugin <= 4.14.0 - Broken Access Control vulnerability | AndonDesign | UDesign Core | - | - | 2025-10-22 14:32:30 | Deep Dive |