| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-26646 | .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability | Microsoft | .NET 8.0 | High | 8.0 | 2025-05-13 21:39:53 | Deep Dive |
| CVE-2025-32702 | Visual Studio Remote Code Execution Vulnerability | Microsoft | Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | High | 7.8 | 2025-05-13 16:59:12 | Deep Dive |
| CVE-2025-21264 | Visual Studio Code Security Feature Bypass Vulnerability | Microsoft | Microsoft Visual Studio Code CoPilot Chat Extension | High | 7.1 | 2025-05-13 16:58:52 | Deep Dive |
| CVE-2025-32703 | Visual Studio Information Disclosure Vulnerability | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Medium | 5.5 | 2025-05-13 16:58:51 | Deep Dive |
| CVE-2025-30387 | Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability | Microsoft | Azure AI Document Intelligence Studio | Critical | 9.8 | 2025-05-13 16:58:47 | Deep Dive |
| CVE-2025-4318 | Input validation issue in AWS Amplify Studio UI component properties | Amazon | Amplify Studio | - | - | 2025-05-05 18:16:34 | Deep Dive |
| CVE-2025-3106 | LA-Studio Element Kit for Elementor <= 1.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Table of Contents Widget | choijun | LA-Studio Element Kit for Elementor | Medium | 6.4 | 2025-04-18 09:21:49 | Deep Dive |
| CVE-2025-22771 | WordPress The Great Firewords of China plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability | Studio Hyperset | The Great Firewords of China | Medium | 6.5 | 2025-04-17 15:17:17 | Deep Dive |
| CVE-2025-32726 | Visual Studio Code Elevation of Privilege Vulnerability | Microsoft | Visual Studio Code | Medium | 6.8 | 2025-04-12 01:32:45 | Deep Dive |
| CVE-2025-29803 | Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability | Microsoft | SQL Server Management Studio 20.2 | High | 7.3 | 2025-04-12 01:32:36 | Deep Dive |
| CVE-2025-26682 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | Microsoft | ASP.NET Core 8.0 | High | 7.5 | 2025-04-08 17:24:23 | Deep Dive |
| CVE-2025-29804 | Visual Studio Elevation of Privilege Vulnerability | Microsoft | Microsoft Visual Studio 2022 version 17.10 | High | 7.3 | 2025-04-08 17:24:15 | Deep Dive |
| CVE-2025-29802 | Visual Studio Elevation of Privilege Vulnerability | Microsoft | Microsoft Visual Studio 2022 version 17.10 | High | 7.3 | 2025-04-08 17:24:14 | Deep Dive |
| CVE-2025-32194 | WordPress LA-Studio Element Kit for Elementor plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability | LA-Studio | LA-Studio Element Kit for Elementor | Medium | 6.5 | 2025-04-04 15:59:07 | Deep Dive |
| CVE-2025-31421 | WordPress Srbtranslatin plugin <= 3.2.0 - Sensitive Data Exposure vulnerability | Oblak Studio | Srbtranslatin | - | - | 2025-04-04 12:59:16 | Deep Dive |
| CVE-2025-31869 | WordPress Black Widgets For Elementor plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability | Modernaweb Studio | Black Widgets For Elementor | Medium | 6.5 | 2025-04-01 14:52:10 | Deep Dive |
| CVE-2025-2576 | Ayyash Studio <= 1.0.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | themerox | Ayyash Studio — The kick-start kit | Medium | 6.4 | 2025-03-26 02:23:48 | Deep Dive |
| CVE-2025-28864 | WordPress Builder for Contact Form 7 by Webconstruct plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability | Planet Studio | Builder for Contact Form 7 by Webconstruct | Medium | 4.3 | 2025-03-11 21:00:35 | Deep Dive |
| CVE-2025-26631 | Visual Studio Code Elevation of Privilege Vulnerability | Microsoft | Visual Studio Code | High | 7.3 | 2025-03-11 16:59:24 | Deep Dive |
| CVE-2025-25003 | Visual Studio Elevation of Privilege Vulnerability | Microsoft | Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | High | 7.3 | 2025-03-11 16:59:05 | Deep Dive |