{
"Source": "CVE FEED",
"Title": "CVE-2025-55443 - Telpo MDM Plaintext Credentials and MQTT Server Exposure",
"Content": "CVE ID : CVE-2025-55443
Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 8 minutes ago
Description : Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-55443 - Telpo MDM Plaintext Credentials and MQTT Server Exposure",
"Content": "CVE ID : CVE-2025-55443
Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 8 minutes ago
Description : Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-35112 - Agiloft XML External Entities (XXE)",
"Content": "CVE ID : CVE-2025-35112
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-35112 - Agiloft XML External Entities (XXE)",
"Content": "CVE ID : CVE-2025-35112
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-57820 - Svelte Devalue Prototype Pollution Vulnerability",
"Content": "CVE ID : CVE-2025-57820
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Svelte devalue is a utility library. Prior to version 5.3.2, a string passed to devalue.parse could represent an object with a __proto__ property and devalue.parse does not check that an index is numeric. This could result in assigning prototypes to objects and properties, leading to prototype pollution. This issue has been fixed in version 5.3.2
Severity: 7.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-57820 - Svelte Devalue Prototype Pollution Vulnerability",
"Content": "CVE ID : CVE-2025-57820
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Svelte devalue is a utility library. Prior to version 5.3.2, a string passed to devalue.parse could represent an object with a __proto__ property and devalue.parse does not check that an index is numeric. This could result in assigning prototypes to objects and properties, leading to prototype pollution. This issue has been fixed in version 5.3.2
Severity: 7.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-35113 - Agiloft Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-35113
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Users should upgrade to Agiloft Release 31.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-35113 - Agiloft Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-35113
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Users should upgrade to Agiloft Release 31.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-35114 - Agiloft Default Credentials Privilege Escalation",
"Content": "CVE ID : CVE-2025-35114
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-35114 - Agiloft Default Credentials Privilege Escalation",
"Content": "CVE ID : CVE-2025-35114
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-35115 - Agiloft Insecure Package Download Vulnerability",
"Content": "CVE ID : CVE-2025-35115
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-35115 - Agiloft Insecure Package Download Vulnerability",
"Content": "CVE ID : CVE-2025-35115
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-9277 - SiteSEO - WordPress Stored Cross-Site Scripting",
"Content": "CVE ID : CVE-2025-9277
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken preg_replace expression in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-9277 - SiteSEO - WordPress Stored Cross-Site Scripting",
"Content": "CVE ID : CVE-2025-9277
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken preg_replace expression in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22409 - RFC TS Frames Use After Free Local Privilege Escalation",
"Content": "CVE ID : CVE-2025-22409
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22409 - RFC TS Frames Use After Free Local Privilege Escalation",
"Content": "CVE ID : CVE-2025-22409
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22410 - Apache HTTP Server Use-After-Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22410
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22410 - Apache HTTP Server Use-After-Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22410
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22411 - Cisco SDP Use After Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22411
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22411 - Cisco SDP Use After Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22411
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22412 - Apache SDP Server Use-After-Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22412
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22412 - Apache SDP Server Use-After-Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22412
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22413 - Apache HTTP Server Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-22413
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22413 - Apache HTTP Server Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-22413
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-26417 - Google Android Confused Deputy Local Information Disclosure",
"Content": "CVE ID : CVE-2025-26417
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-26417 - Google Android Confused Deputy Local Information Disclosure",
"Content": "CVE ID : CVE-2025-26417
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22407 - BlueZ Use After Free Remote Information Disclosure",
"Content": "CVE ID : CVE-2025-22407
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22407 - BlueZ Use After Free Remote Information Disclosure",
"Content": "CVE ID : CVE-2025-22407
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22408 - Citrix NetScaler Use-After-Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22408
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22408 - Citrix NetScaler Use-After-Free Remote Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-22408
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0084 - Qualcomm Bluetooth HFP Use After Free Remote Code Execution",
"Content": "CVE ID : CVE-2025-0084
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0084 - Qualcomm Bluetooth HFP Use After Free Remote Code Execution",
"Content": "CVE ID : CVE-2025-0084
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0092 - Google Android Bond Permission Bypass",
"Content": "CVE ID : CVE-2025-0092
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0092 - Google Android Bond Permission Bypass",
"Content": "CVE ID : CVE-2025-0092
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0086 - Android AccountManager Service Token Overwrite Vulnerability",
"Content": "CVE ID : CVE-2025-0086
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0086 - Android AccountManager Service Token Overwrite Vulnerability",
"Content": "CVE ID : CVE-2025-0086
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-0093 - Android Device AdapterService Remote Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-0093
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-0093 - Android Device AdapterService Remote Information Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-0093
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22403 - "Vulnerability in Google SDP's SDP Disovery Service: Arbitrary Code Execution"",
"Content": "CVE ID : CVE-2025-22403
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22403 - "Vulnerability in Google SDP's SDP Disovery Service: Arbitrary Code Execution"",
"Content": "CVE ID : CVE-2025-22403
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-22404 - Qualcomm AvCT LCB Act Use After Free Privilege Escalation",
"Content": "CVE ID : CVE-2025-22404
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-22404 - Qualcomm AvCT LCB Act Use After Free Privilege Escalation",
"Content": "CVE ID : CVE-2025-22404
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "27 Aug 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹