| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-9588 | OS Command Injection in Iron Mountain's enVision | Iron Mountain Archiving Services Inc. | enVision | Critical | 10.0 | 2025-09-23 07:51:54 | Deep Dive |
| CVE-2025-58965 | WordPress Fusion Page Builder : Extension – Gallery Plugin <= 1.7.6 - Cross Site Scripting (XSS) Vulnerability | Agency Dominion Inc. | Fusion Page Builder : Extension – Gallery | Medium | 6.5 | 2025-09-22 18:26:11 | Deep Dive |
| CVE-2025-57961 | WordPress CoDesigner plugin <= 4.29 - Broken Access Control vulnerability | Codexpert, Inc | CoDesigner | Medium | 4.3 | 2025-09-22 18:24:44 | Deep Dive |
| CVE-2025-58016 | WordPress CF7 Submissions Plugin <= 0.26 - Broken Access Control Vulnerability | Codexpert, Inc | CF7 Submissions | Medium | 4.3 | 2025-09-22 18:24:04 | Deep Dive |
| CVE-2025-58261 | WordPress Mavis HTTPS to HTTP Redirection Plugin <= 1.4.3 - Cross Site Request Forgery (CSRF) Vulnerability | PressPage Entertainment Inc | Mavis HTTPS to HTTP Redirection | High | 7.1 | 2025-09-22 18:23:21 | Deep Dive |
| CVE-2025-9035 | Reflected XSS in Horato Internet Technologies' Virtual Library Platform | Horato Internet Technologies Ind. and Trade Inc. | Virtual Library Platform | Medium | 5.4 | 2025-09-22 09:15:16 | Deep Dive |
| CVE-2025-10568 | HyperX NGENUITY - Arbitrary Code Execution | HP Inc. | HyperX NGENUITY | 中危 | - | 2025-09-19 19:39:09 | Deep Dive |
| CVE-2025-8532 | IDOR in Bimser's eBA Document and Workflow Management System | Bimser Solution Software Trade Inc. | eBA Document and Workflow Management System | Medium | 6.4 | 2025-09-19 14:12:21 | Deep Dive |
| CVE-2025-26503 | Buffer manipulation | Wind River Systems Inc | VxWorks 7 | Medium | 6.7 | 2025-09-18 18:46:45 | Deep Dive |
| CVE-2025-0419 | XSS in Mikrogrup's Zirve Nova | Zirve Information Technologies Inc. | Zirve Nova | Medium | 4.7 | 2025-09-17 08:20:41 | Deep Dive |
| CVE-2025-58116 | I-O DATA WN-7D36QR 操作系统命令注入漏洞 | I-O DATA DEVICE, INC. | WN-7D36QR | High | 7.2 | 2025-09-17 03:08:41 | Deep Dive |
| CVE-2025-55075 | I-O DATA WN-7D36QR 安全漏洞 | I-O DATA DEVICE, INC. | WN-7D36QR | Medium | 4.9 | 2025-09-17 03:08:37 | Deep Dive |
| CVE-2025-10491 | MongoDB Windows installation MSI may leave ACLs unset on custom installation directories | MongoDB Inc | MongoDB Server | High | 7.8 | 2025-09-15 16:04:54 | Deep Dive |
| CVE-2025-58131 | Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition | Zoom Communications, Inc | Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon | Medium | 6.6 | 2025-09-09 21:48:51 | Deep Dive |
| CVE-2025-58135 | Zoom Workplace Clients for Windows - Improper Action Enforcement | Zoom Communications, Inc | Zoom Workplace Clients for Windows | Medium | 5.3 | 2025-09-09 21:45:52 | Deep Dive |
| CVE-2025-58134 | Zoom Workplace Clients for Windows - Incorrect Authorization | Zoom Communications, Inc | Zoom Workplace Clients for Windows | Medium | 4.3 | 2025-09-09 21:44:02 | Deep Dive |
| CVE-2025-49461 | Zoom Workplace Clients - Cross-site Scripting | Zoom Communications, Inc | Zoom Workplace Clients | Medium | 4.3 | 2025-09-09 21:42:06 | Deep Dive |
| CVE-2025-49460 | Zoom Workplace Clients - Argument Injection | Zoom Communications, Inc | Zoom Workplace Clients | Medium | 4.3 | 2025-09-09 21:38:41 | Deep Dive |
| CVE-2025-49459 | Zoom Workplace for Windows on ARM - Missing Authorization | Zoom Communications, Inc | Zoom Workplace for Windows on ARM | High | 7.8 | 2025-09-09 21:29:33 | Deep Dive |
| CVE-2025-49458 | Zoom Workplace Clients - Buffer Overflow | Zoom Communications, Inc | Zoom Workplace Clients | Medium | 6.5 | 2025-09-09 21:25:52 | Deep Dive |