CVE-2025-3248
Author: bambooqj

Langflow versions prior to 1.3.0 are susceptible to code injection in
the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary
code.

GitHub Link:
https://github.com/bambooqj/cve-2025-3248

CVE-2025-4334
Author: vinodwick

The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated attackers to register as an administrator.

GitHub Link:
https://github.com/vinodwick/CVE-2025-4334

CVE-2025-59287
Author: garvitv14

None

GitHub Link:
https://github.com/garvitv14/CVE-2025-59287

CVE-2025-61304
Author: pentastic-be

None

GitHub Link:
https://github.com/pentastic-be/CVE-2025-61304

CVE-2025-4796
Author: Nxploited

None

GitHub Link:
https://github.com/Nxploited/CVE-2025-4796

CVE-2025-59287
Author: jiansiting

None

GitHub Link:
https://github.com/jiansiting/CVE-2025-59287

CVE-2025-48385
Author: Mitchellzhou1

None

GitHub Link:
https://github.com/Mitchellzhou1/CVE-2025-48385-PoC

CVE-2025-60349
Author: djackreuter

None

GitHub Link:
https://github.com/djackreuter/CVE-2025-60349

CVE-2025-61155
Author: pollotherunner

None

GitHub Link:
https://github.com/pollotherunner/CVE-2025-61155

CVE-2025-9983
Author: sohaibeb

None

GitHub Link:
https://github.com/sohaibeb/CVE-2025-9983

CVE-2025-32463
Author: DensuLabs

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

GitHub Link:
https://github.com/DensuLabs/CVE-2025-32463