| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-7326 | EOL ASP.NET Core Elevation of Privilege Vulnerability | Microsoft | ASP.NET Core 6.0 | High | 7.0 | 2025-07-08 14:31:46 | Deep Dive |
| CVE-2025-6811 | Mescius ActiveReports.NET TypeResolutionService Deserialization of Untrusted Data Remote Code Execution Vulnerability | Mescius | ActiveReports.NET | - | - | 2025-07-07 14:52:03 | Deep Dive |
| CVE-2025-6810 | Mescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution Vulnerability | Mescius | ActiveReports.NET | - | - | 2025-07-07 14:51:51 | Deep Dive |
| CVE-2025-6725 | Cross-Site Scripting (XSS) in PdfViewer | Progress Software | Kendo UI for jQuery | Medium | 5.4 | 2025-07-02 14:39:15 | Deep Dive |
| CVE-2025-53322 | WordPress Accept Authorize.NET Payments Using Contact Form 7 plugin <= 2.5 - Sensitive Data Exposure Vulnerability | ZealousWeb | Accept Authorize.NET Payments Using Contact Form 7 | Medium | 5.3 | 2025-06-27 13:21:39 | Deep Dive |
| CVE-2025-40910 | Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses | TPODER | Net::IP::LPM | - | - | 2025-06-27 12:19:59 | Deep Dive |
| CVE-2025-28998 | WordPress SERPed.net plugin <= 4.6 - Local File Inclusion Vulnerability | serpednet | SERPed.net | High | 8.1 | 2025-06-27 11:52:40 | Deep Dive |
| CVE-2025-49862 | WordPress Ebook Store plugin <= 5.8008 - Cross Site Scripting (XSS) Vulnerability | motov.net | Ebook Store | Medium | 5.9 | 2025-06-17 15:01:19 | Deep Dive |
| CVE-2025-30399 | .NET and Visual Studio Remote Code Execution Vulnerability | Microsoft | .NET 8.0 | High | 7.5 | 2025-06-13 01:08:00 | Deep Dive |
| CVE-2025-49467 | Joomla Extension - jevents.net - SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla | jevents.net / GWE Systems Ltd | JEvents component for Joomla | - | - | 2025-06-12 15:18:33 | Deep Dive |
| CVE-2025-4673 | Sensitive headers not cleared on cross-origin redirect in net/http | Go standard library | net/http | - | - | 2025-06-11 16:42:53 | Deep Dive |
| CVE-2025-40911 | Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses | RRWO | Net::CIDR::Set | - | - | 2025-05-27 21:17:42 | Deep Dive |
| CVE-2025-46487 | WordPress EC Authorize.net plugin <= 0.3.3 - Reflected Cross Site Scripting (XSS) vulnerability | sftranna | EC Authorize.net | High | 7.1 | 2025-05-23 12:43:42 | Deep Dive |
| CVE-2025-47532 | WordPress CoinPayments.net Payment Gateway for WooCommerce plugin <= 1.0.17 - PHP Object Injection Vulnerability | CoinPayments | CoinPayments.net Payment Gateway for WooCommerce | Critical | 9.8 | 2025-05-23 12:43:32 | Deep Dive |
| CVE-2025-48236 | WordPress bunny.net plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability | bunny.net | bunny.net | High | 8.5 | 2025-05-19 14:44:51 | Deep Dive |
| CVE-2025-46836 | net-tools Stack-based Buffer Overflow vulnerability | ecki | net-tools | Medium | 6.6 | 2025-05-14 22:59:20 | Deep Dive |
| CVE-2025-3600 | Unsafe Reflection Vulnerability in Telerik UI for ASP.NET AJAX | Progress Software | Telerik UI for ASP.NET AJAX | High | 7.5 | 2025-05-14 13:21:41 | Deep Dive |
| CVE-2025-26646 | .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability | Microsoft | .NET 8.0 | High | 8.0 | 2025-05-13 21:39:53 | Deep Dive |
| CVE-2025-33072 | Microsoft msagsfeedback.azurewebsites.net Information Disclosure Vulnerability | Microsoft | Microsoft msagsfeedback.azurewebsites.net | High | 8.1 | 2025-05-08 22:17:22 | Deep Dive |
| CVE-2025-47589 | WordPress Ebook Store plugin <= 5.8009 - Cross Site Scripting (XSS) Vulnerability | motov.net | Ebook Store | Medium | 6.5 | 2025-05-07 14:20:22 | Deep Dive |