| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-54102 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.8 | 2025-09-09 17:00:49 | Deep Dive |
| CVE-2025-54099 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.0 | 2025-09-09 17:00:48 | Deep Dive |
| CVE-2025-54101 | Windows SMB Client Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | Medium | 4.8 | 2025-09-09 17:00:48 | Deep Dive |
| CVE-2025-54097 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows Server 2008 R2 Service Pack 1 | Medium | 6.5 | 2025-09-09 17:00:47 | Deep Dive |
| CVE-2025-54096 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows Server 2008 R2 Service Pack 1 | Medium | 6.5 | 2025-09-09 17:00:46 | Deep Dive |
| CVE-2025-54095 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows Server 2008 R2 Service Pack 1 | Medium | 6.5 | 2025-09-09 17:00:45 | Deep Dive |
| CVE-2025-53797 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows Server 2008 R2 Service Pack 1 | Medium | 6.5 | 2025-09-09 17:00:44 | Deep Dive |
| CVE-2025-53798 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Microsoft | Windows Server 2008 R2 Service Pack 1 | Medium | 6.5 | 2025-09-09 17:00:44 | Deep Dive |
| CVE-2025-49734 | PowerShell Direct Elevation of Privilege Vulnerability | Microsoft | PowerShell 7.4 | High | 7.0 | 2025-09-09 17:00:42 | Deep Dive |
| CVE-2025-42929 | Missing input validation vulnerability in SAP Landscape Transformation Replication Server | SAP_SE | SAP Landscape Transformation Replication Server | High | 8.1 | 2025-09-09 02:10:59 | Deep Dive |
| CVE-2025-42926 | Missing Authentication check in SAP NetWeaver Application Server Java | SAP_SE | SAP NetWeaver Application Server Java | Medium | 5.3 | 2025-09-09 02:10:04 | Deep Dive |
| CVE-2025-42918 | Missing Authorization check in SAP NetWeaver Application Server for ABAP (Background Processing) | SAP_SE | SAP NetWeaver Application Server for ABAP (Background Processing) | Medium | 4.3 | 2025-09-09 02:09:19 | Deep Dive |
| CVE-2025-54994 | @akoskm/create-mcp-server-stdio has Command Injection in MCP Server due to unsafe `exec` API | akoskm | create-mcp-server-stdio | - | - | 2025-09-08 19:37:43 | Deep Dive |
| CVE-2025-10061 | Malformed $group Query May Cause MongoDB Server to Crash | MongoDB Inc | MongoDB Server | Medium | 6.5 | 2025-09-05 20:48:25 | Deep Dive |
| CVE-2025-10060 | MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation | MongoDB Inc | MongoDB Server | Medium | 6.5 | 2025-09-05 20:39:14 | Deep Dive |
| CVE-2025-10059 | MongoDB Server router will crash when incorrect lsid is set on a sharded query | MongoDB Inc | MongoDB Server | Medium | 6.5 | 2025-09-05 20:26:53 | Deep Dive |
| CVE-2025-8695 | Reflected XSS in Netcad Software's NetGIS Server | Netcad | NetGIS Server | Medium | 5.4 | 2025-09-05 13:44:54 | Deep Dive |
| CVE-2025-9273 | CData API Server MySQL Misconfiguration Information Disclosure Vulnerability | CData | API Server | 中危 | - | 2025-09-02 20:00:19 | Deep Dive |
| CVE-2025-55007 | Knowage vulnerable to server-side request forgery | KnowageLabs | Knowage-Server | Low | 3.5 | 2025-09-01 15:46:05 | Deep Dive |
| CVE-2024-13987 | Synology RADIUS Server 跨站脚本漏洞 | Synology | RADIUS Server | Medium | 5.9 | 2025-08-29 07:20:21 | Deep Dive |