| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-32797 | Conda-build Insecure Build Script Permissions Enabling Arbitrary Code Execution | conda | conda-build | - | - | 2025-06-16 18:46:31 | Deep Dive |
| CVE-2025-26646 | .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability | Microsoft | .NET 8.0 | High | 8.0 | 2025-05-13 21:39:53 | Deep Dive |
| CVE-2025-3916 | Schneider Electric EcoStruxure Power Build Rapsody 安全漏洞 | Schneider Electric | EcoStruxure™ Power Build Rapsody software | - | - | 2025-05-13 08:35:01 | Deep Dive |
| CVE-2024-12225 | Io.quarkus:quarkus-security-webauthn: quarkus webauthn unexpected authentication bypass | - | - | Critical | 9.1 | 2025-05-06 19:49:17 | Deep Dive |
| CVE-2025-3910 | Org.keycloak.authentication: two factor authentication bypass | - | - | Medium | 5.4 | 2025-04-29 20:46:40 | Deep Dive |
| CVE-2025-3501 | Org.keycloak.protocol.services: keycloak hostname verification | - | - | High | 8.2 | 2025-04-29 20:45:30 | Deep Dive |
| CVE-2025-32577 | WordPress Build App Online Plugin <= 1.0.23 - Local File Inclusion vulnerability | hakeemnala | Build App Online | Critical | 9.8 | 2025-04-11 08:42:57 | Deep Dive |
| CVE-2025-2789 | MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.19 - Missing Authorization to Unauthenticated Table Rates Deletion | wcmp | MultiVendorX – WooCommerce Multivendor Marketplace Solutions | Medium | 5.3 | 2025-04-05 05:32:14 | Deep Dive |
| CVE-2025-26869 | WordPress Build theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability | - | Build | Medium | 6.5 | 2025-03-26 14:48:54 | Deep Dive |
| CVE-2025-2559 | Org.keycloak/keycloak-services: jwt token cache exhaustion leading to denial of service (dos) in keycloak | - | - | Medium | 4.9 | 2025-03-25 08:20:58 | Deep Dive |
| CVE-2025-2240 | Smallrye-fault-tolerance: smallrye fault tolerance | - | - | High | 7.5 | 2025-03-12 14:55:16 | Deep Dive |
| CVE-2025-23368 | Org.wildfly.core:wildfly-elytron-integration: wildfly elytron brute force attack via cli | - | - | High | 8.1 | 2025-03-04 15:14:48 | Deep Dive |
| CVE-2025-1634 | Io.quarkus:quarkus-resteasy: memory leak in quarkus resteasy classic when client requests timeout | - | - | High | 7.5 | 2025-02-26 16:56:24 | Deep Dive |
| CVE-2024-4028 | Keycloak-core: stored xss in keycloak when creating a items in admin console | - | - | Low | 3.8 | 2025-02-18 17:54:09 | Deep Dive |
| CVE-2025-1391 | Keycloak-services: improper authorization in keycloak organization mapper allows unauthorized organization claims | - | - | Medium | 5.4 | 2025-02-17 14:01:35 | Deep Dive |
| CVE-2025-1247 | Io.quarkus:quarkus-rest: quarkus rest endpoint request parameter leakage due to shared instance | - | - | High | 8.3 | 2025-02-13 13:26:27 | Deep Dive |
| CVE-2025-24872 | Missing Authorization check in SAP ABAP Platform (ABAP Build Framework) | SAP_SE | SAP ABAP Platform (ABAP Build Framework) | Medium | 4.3 | 2025-02-11 00:37:15 | Deep Dive |
| CVE-2024-11831 | Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript | - | - | Medium | 5.4 | 2025-02-10 15:27:47 | Deep Dive |
| CVE-2025-23367 | Org.wildfly.core:wildfly-server: wildfly improper rbac permission | - | - | Medium | 6.5 | 2025-01-30 14:30:04 | Deep Dive |
| CVE-2025-24633 | WordPress Build Private Store For Woocommerce plugin <= 1.0 - Broken Access Control vulnerability | silverplugins217 | Build Private Store For Woocommerce | Medium | 5.3 | 2025-01-24 17:24:34 | Deep Dive |