🚨 CVE-2021-47806
Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables and escalate privileges.
🎖@cveNotify
🚨 CVE-2021-47807
Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious executables and escalate privileges.
🎖@cveNotify
Exploit Database: Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path (local exploit for the Windows platform)
🚨 CVE-2025-67316
An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code via a crafted webpage in the built-in HeyTap/ColorOS browser
🎖@cveNotify
🚨 CVE-2026-21633
A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the UniFi Protect Application (Version 6.1.79 and earlier).
Affected Products:
UniFi Protect Application (Version 6.1.79 and earlier).
Mitigation:
Update your UniFi Protect Application to Version 6.2.72 or later.
🎖@cveNotify
🚨 CVE-2026-21634
A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.
Affected Products:
UniFi Protect Application (Version 6.1.79 and earlier).
Mitigation:
Update your UniFi Protect Application to Version 6.2.72 or later.
🎖@cveNotify
🚨 CVE-2026-21635
An Improper Access Control vulnerability could allow a malicious actor within Wi-Fi range of the EV Station Lite (v1.5.2 and earlier) to use the WiFi AutoLink feature on a device that was only adopted via Ethernet.
🎖@cveNotify
🚨 CVE-2025-61781
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation lacks proper authorization checks to verify ownership of the targeted resources.
An attacker can exploit this by supplying an active UUID of another user. Since the API does not validate whether the requester owns the resource, the mutation executes successfully, resulting in unauthorized deletion of the entire workspace. Version 6.8.1 fixes the issue.
🎖@cveNotify
GitHub advisory: GraphQL IDOR allows authenticated user to delete workspace content of other users
🚨 CVE-2026-0621
Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS) vulnerability in the UriTemplate class when processing RFC 6570 exploded array patterns. The dynamically generated regular expression used during URI matching contains nested quantifiers that can trigger catastrophic backtracking on specially crafted inputs, resulting in excessive CPU consumption. An attacker can exploit this by supplying a malicious URI that causes the Node.js process to become unresponsive, leading to a denial of service.
🎖@cveNotify
GitHub: MCP TypeScript SDK UriTemplate ReDoS · Issue #965 · modelcontextprotocol/typescript-sdk
1. Describe the bug The UriTemplate class in MCP TypeScript SDK is vulnerable to ReDoS attacks when processing RFC 6570 URI Template standard exploded array patterns ({/id*}, {?tags*}, etc.) due to...
🚨 CVE-2025-67158
An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitive information and escalate privileges via a crafted HTTP request.
🎖@cveNotify
🚨 CVE-2025-67159
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.
🎖@cveNotify
🚨 CVE-2025-67160
An issue in Vatilon v1.12.37-20240124 allows attackers to access sensitive directories and files via a directory traversal.
🎖@cveNotify
🚨 CVE-2025-65328
Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF) header as the client IP without validating a trusted proxy chain. An attacker can supply an arbitrary XFF value in a remote request to spoof the client IP, which is then propagated to security-relevant state (e.g., WG_CLIENT_IP cookie). Deployments that rely on this value for IP allowlists may be bypassed.
🎖@cveNotify
🚨 CVE-2025-67303
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface.
🎖@cveNotify
GitHub: ComfyUI-Manager/docs/en/v3.38-userdata-security-migration.md at main · Comfy-Org/ComfyUI-Manager
🚨 CVE-2025-67315
A Cross-Site Request Forgery vulnerability in Employee Leave Management System v.2.1 allows a remote attacker to escalate privileges via the manage-employee.php component.
🎖@cveNotify
GitHub: r-pradyun/CVE-2025-67315
🚨 CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, raising the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction.
🎖@cveNotify
Adobe Security Bulletin: Security Updates Available for Adobe Commerce | APSB25-88
🚨 CVE-2026-1281
A code injection vulnerability in Ivanti Endpoint Manager Mobile allows attackers to achieve unauthenticated remote code execution.
🎖@cveNotify
Ivanti Security Advisory: Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340)
Summary: Ivanti has released updates for Endpoint Manager Mobile (EPMM) which address two critical severity vulnerabilities. Successful exploitation could lead to unauthenticated…
🚨 CVE-2025-54943
A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks.
🎖@cveNotify
zuso.ai: ZUSO Generation
A Taiwan-based professional information security service provider; its team has more than 10 years of experience with attacker techniques and threat analysis, and delivers customized security service solutions for enterprises and organizations.
🚨 CVE-2025-54944
An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution.
🎖@cveNotify
🚨 CVE-2025-54945
An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path.
🎖@cveNotify
🚨 CVE-2025-54946
A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands.
🎖@cveNotify
🚨 CVE-2025-31342
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Galaxy Software Services Corporation Vitals ESP Forum Module through version 1.3 allows remote authenticated users to execute arbitrary system commands via a malicious file.
🎖@cveNotify