| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-34350 | UnForm Server < 10.1.15 Doc Flow Unauthenticated File Read | Synergetic Data Systems, Inc. | UnForm Server | - | - | 2025-11-25 19:04:13 | Deep Dive |
| CVE-2025-13644 | MongoDB may be susceptible to Invariant Failure due to batched delete | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2025-11-25 05:23:12 | Deep Dive |
| CVE-2025-13643 | MongoDB Server may allow queries to be terminated by unauthorized users | MongoDB Inc. | MongoDB Server | Low | 3.1 | 2025-11-25 05:16:24 | Deep Dive |
| CVE-2025-12893 | Improper Certificate Validation May Allow Successful TLS Handshaking Despite Invalid Extended Key Usage Fields in MongoDB Server | MongoDB Inc. | MongoDB Server | Medium | 4.2 | 2025-11-25 05:07:18 | Deep Dive |
| CVE-2025-13507 | Time-series operations may cause internal BSON size limit to be exceed | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2025-11-25 04:52:48 | Deep Dive |
| CVE-2025-13316 | Hard-coded encryption keys in Twonky Server | Lynxtechnology | Twonky Server | - | - | 2025-11-19 17:53:43 | Deep Dive |
| CVE-2025-13315 | Unauthenticated log access in Twonky Server | Lynxtechnology | Twonky Server | - | - | 2025-11-19 17:41:37 | Deep Dive |
| CVE-2025-10703 | Progress多款产品 代码注入漏洞 | Progress | DataDirect Connect for JDBC for Amazon Redshift | - | - | 2025-11-19 15:47:08 | Deep Dive |
| CVE-2025-10702 | Progress多款产品 代码注入漏洞 | Progress | DataDirect Connect for JDBC for Amazon Redshift | - | - | 2025-11-19 15:46:27 | Deep Dive |
| CVE-2025-9312 | Improper Certificate-Based Authentication Enforcement in Multiple WSO2 Products | WSO2 | WSO2 API Manager | Critical | 9.8 | 2025-11-18 12:05:22 | Deep Dive |
| CVE-2025-6670 | Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services | WSO2 | WSO2 Open Banking AM | High | 8.8 | 2025-11-18 11:28:37 | Deep Dive |
| CVE-2025-34323 | Nagios Log Server < 2026R1.0.1 Local Privilege Escalation via Writable Scripts and Sudo Rules | Nagios | Log Server | - | - | 2025-11-17 17:48:29 | Deep Dive |
| CVE-2025-34322 | Nagios Log Server < 2026R1.0.1 Authenticated Command Injection via Natural Language Queries | Nagios | Log Server | - | - | 2025-11-17 17:48:05 | Deep Dive |
| CVE-2025-55059 | Maxum Rumpus FTP Server 跨站脚本漏洞 | Rumpus | FTP Server | Medium | 4.8 | 2025-11-17 17:36:20 | Deep Dive |
| CVE-2025-55058 | Maxum Rumpus FTP Server 输入验证错误漏洞 | Rumpus | FTP Server | Medium | 4.5 | 2025-11-17 17:33:56 | Deep Dive |
| CVE-2025-55057 | Maxum Rumpus FTP Server 跨站请求伪造漏洞 | Rumpus | FTP Server | Medium | 4.5 | 2025-11-17 17:31:24 | Deep Dive |
| CVE-2025-55056 | Maxum Rumpus FTP Server 跨站脚本漏洞 | Rumpus | FTP Server | Medium | 4.8 | 2025-11-17 17:28:28 | Deep Dive |
| CVE-2025-55055 | Maxum Rumpus FTP Server 操作系统命令注入漏洞 | Rumpus | FTP Server | Medium | 6.8 | 2025-11-17 17:25:37 | Deep Dive |
| CVE-2025-11681 | Denial of Service condition in M-Files Server | M-Files Corporation | M-Files Server | - | - | 2025-11-17 11:30:25 | Deep Dive |
| CVE-2025-13208 | FantasticLBP Hotels Server hotelList.php sql injection | FantasticLBP | Hotels Server | Medium | 6.3 | 2025-11-15 18:02:08 | Deep Dive |