| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-11949 | Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication | Digiwin | EasyFlow .NET | High | 7.5 | 2025-10-21 06:49:56 | Deep Dive |
| CVE-2025-55248 | .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability | Microsoft | .NET 8.0 | Medium | 4.8 | 2025-10-14 17:00:59 | Deep Dive |
| CVE-2025-55315 | ASP.NET Security Feature Bypass Vulnerability | Microsoft | ASP.NET Core 2.3 | Critical | 9.9 | 2025-10-14 17:00:10 | Deep Dive |
| CVE-2025-55247 | .NET Elevation of Privilege Vulnerability | Microsoft | .NET 8.0 | High | 7.3 | 2025-10-14 17:00:10 | Deep Dive |
| CVE-2025-61778 | Akka.Remote TLS did not properly implement certificate-based authentication | akkadotnet | akka.net | - | - | 2025-10-06 16:53:42 | Deep Dive |
| CVE-2025-9846 | Unrestricted File Upload in TaletSys Inka.Net | TalentSys Consulting Information Technology Industry Inc. | Inka.Net | Critical | 10.0 | 2025-09-23 12:31:19 | Deep Dive |
| CVE-2025-47910 | CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http | Go standard library | net/http | - | - | 2025-09-22 21:01:55 | Deep Dive |
| CVE-2025-9463 | Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.117.5 - Authenticated (Contributor+) SQL Injection via order_by Parameter | peachpay | PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI) | Medium | 6.5 | 2025-09-10 06:38:46 | Deep Dive |
| CVE-2025-36855 | EOL .NET 6.0 Runtime Remote Code Execution Vulnerability | Microsoft | .NET 6.0 | High | 8.8 | 2025-09-08 13:57:28 | Deep Dive |
| CVE-2025-36854 | EOL ASP.NET 6.0 Remote Code Execution Vulnerability | Microsoft | .NET 6.0 | High | 8.1 | 2025-09-08 13:53:09 | Deep Dive |
| CVE-2025-36853 | EOL .NET 6.0 Runtime Remote Code Execution Vulnerability | Microsoft | .NET 6.0 | High | 7.5 | 2025-09-08 13:48:43 | Deep Dive |
| CVE-2025-54702 | WordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) Vulnerability | motov.net | Ebook Store | Medium | 4.3 | 2025-08-14 10:34:57 | Deep Dive |
| CVE-2025-7761 | Reflected XSS in Lepszy BIP | Akcess-Net | Lepszy BIP | - | - | 2025-08-14 10:01:39 | Deep Dive |
| CVE-2025-30033 | Siemens多款产品 代码问题漏洞 | Siemens | Automation License Manager V6.0 | High | 7.8 | 2025-08-12 11:16:57 | Deep Dive |
| CVE-2025-8834 | JCG Link-net LW-N915R Wireless Basic Settings basic.asp cross site scripting | JCG | Link-net LW-N915R | Low | 2.4 | 2025-08-11 06:32:07 | Deep Dive |
| CVE-2025-4049 | Hardcoded SQLite password in FARA | SIGNUM-NET | FARA | 高危 | - | 2025-07-21 07:40:33 | Deep Dive |
| CVE-2025-26855 | Extension - joomcar.net - SQL injection in Articles Calendar 1.0.0 - 1.0.1.0007 for Joomla | joomcar.net | Articles Calendar extension for Joomla | 中危 | - | 2025-07-18 07:38:32 | Deep Dive |
| CVE-2025-26854 | Extension - joomcar.net - SQL injection in Articles Good Search 1.0.0 - 1.2.4.0011 for Joomla | joomcar.net | Articles Good Search extension for Joomla | 中危 | - | 2025-07-18 07:38:26 | Deep Dive |
| CVE-2025-40913 | Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow | ATRODO | Net::Dropbear | - | - | 2025-07-16 14:05:34 | Deep Dive |
| CVE-2025-7452 | kone-net go-chat Endpoint file_controller.go GetFile path traversal | kone-net | go-chat | Medium | 6.3 | 2025-07-11 17:32:05 | Deep Dive |