| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-26681 | Win32k Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 21H2 | Medium | 6.7 | 2025-04-08 17:23:11 | Deep Dive |
| CVE-2025-26668 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.5 | 2025-04-08 17:23:10 | Deep Dive |
| CVE-2025-26667 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows Server 2008 R2 Service Pack 1 | Medium | 6.5 | 2025-04-08 17:23:09 | Deep Dive |
| CVE-2025-26666 | Windows Media Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1809 | High | 7.8 | 2025-04-08 17:23:08 | Deep Dive |
| CVE-2025-26669 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.8 | 2025-04-08 17:23:08 | Deep Dive |
| CVE-2025-26665 | Windows upnphost.dll Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.0 | 2025-04-08 17:23:07 | Deep Dive |
| CVE-2025-26664 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows Server 2008 R2 Service Pack 1 | Medium | 6.5 | 2025-04-08 17:23:06 | Deep Dive |
| CVE-2025-26663 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.1 | 2025-04-08 17:23:05 | Deep Dive |
| CVE-2025-3105 | Vehica Core <= 1.0.97 - Authenticated (Subscriber+) Privilege Escalation | TangibleWP | Vehica Core | High | 8.8 | 2025-04-04 07:27:42 | Deep Dive |
| CVE-2025-2780 | Woffice Core <= 5.4.21 - Authenticated (Subscriber+) Arbitrary File Upload | WofficeIO | Woffice Core | High | 8.8 | 2025-04-04 07:00:14 | Deep Dive |
| CVE-2025-2797 | Woffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration Approval | WofficeIO | Woffice Core | Medium | 5.4 | 2025-04-04 07:00:12 | Deep Dive |
| CVE-2025-31485 | GraphQL grant on a property might be cached with different objects | api-platform | core | High | 7.5 | 2025-04-03 19:31:46 | Deep Dive |
| CVE-2025-31481 | GraphQL query operations security can be bypassed | api-platform | core | High | 7.5 | 2025-04-03 19:20:23 | Deep Dive |
| CVE-2023-47639 | API Platform Core can leak exceptions message that may contain sensitive information | api-platform | core | Medium | 5.3 | 2025-04-03 16:46:14 | Deep Dive |
| CVE-2025-2906 | Contempo Real Estate Core <= 3.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | contempoinc | Contempo Real Estate Core | Medium | 6.4 | 2025-04-01 11:12:28 | Deep Dive |
| CVE-2025-31409 | WordPress Bridge Core plugin < 3.3.1 - Cross Site Scripting (XSS) vulnerability | NotFound | Bridge Core | Medium | 6.5 | 2025-04-01 05:32:25 | Deep Dive |
| CVE-2025-31675 | Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004 | Drupal | Drupal core | 中危 | - | 2025-03-31 21:35:20 | Deep Dive |
| CVE-2025-31674 | Drupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003 | Drupal | Drupal core | 中危 | - | 2025-03-31 21:34:53 | Deep Dive |
| CVE-2025-31673 | Drupal core - Moderately critical - Access bypass - SA-CORE-2025-002 | Drupal | Drupal core | 中危 | - | 2025-03-31 21:34:16 | Deep Dive |
| CVE-2025-3057 | Drupal core - Critical - Cross site scripting - SA-CORE-2025-001 | Drupal | Drupal core | 中危 | - | 2025-03-31 21:33:30 | Deep Dive |