Security Related Links

Security Lists & Frameworks

Curated references for practitioners. Bookmark this page.

CISA Known Exploited Vulnerabilities Live

Last updated: 2025-12-09T21:45:47.0432Z · Total CVEs: 1472

| CVE | Vendor | Product | Added | Description |
|---|---|---|---|---|
| CVE-2025-6218 | RARLAB | WinRAR | 2025-12-09 | RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user. |
| CVE-2025-62221 | Microsoft | Windows | 2025-12-09 | Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally. |
| CVE-2022-37055 | D-Link | Routers | 2025-12-08 | D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization. |
| CVE-2025-66644 | Array Networks | ArrayOS AG | 2025-12-08 | Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands. |
| CVE-2025-55182 | Meta | React Server Components | 2025-12-05 | Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025-55182. |
| CVE-2021-26828 | OpenPLC | ScadaBR | 2025-12-03 | OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm. |
| CVE-2025-48633 | Android | Framework | 2025-12-02 | Android Framework contains an unspecified vulnerability that allows for information disclosure. |
| CVE-2025-48572 | Android | Framework | 2025-12-02 | Android Framework contains an unspecified vulnerability that allows for privilege escalation. |
| CVE-2021-26829 | OpenPLC | ScadaBR | 2025-11-28 | OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm. |
| CVE-2025-61757 | Oracle | Fusion Middleware | 2025-11-21 | Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager. |
| CVE-2025-13223 | Google | Chromium V8 | 2025-11-19 | Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption. |
| CVE-2025-58034 | Fortinet | FortiWeb | 2025-11-18 | Fortinet FortiWeb contains an OS command injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. |
| CVE-2025-64446 | Fortinet | FortiWeb | 2025-11-14 | Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. |
| CVE-2025-12480 | Gladinet | Triofox | 2025-11-12 | Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete. |
| CVE-2025-62215 | Microsoft | Windows | 2025-11-12 | Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges to escalate privileges. Successful exploitation of this vulnerability could enable the attacker to gain SYSTEM-level access. |
| CVE-2025-9242 | WatchGuard | Firebox | 2025-11-12 | WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code. |
| CVE-2025-21042 | Samsung | Mobile Devices | 2025-11-10 | Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code. |
| CVE-2025-48703 | CWP | Control Web Panel | 2025-11-04 | CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known. |
| CVE-2025-11371 | Gladinet | CentreStack and Triofox | 2025-11-04 | Gladinet CentreStack and Triofox contain a files or directories accessible to external parties vulnerability that allows unintended disclosure of system files. |
| CVE-2025-41244 | Broadcom | VMware Aria Operations and VMware Tools | 2025-10-30 | Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. |
| CVE-2025-24893 | XWiki | Platform | 2025-10-30 | XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch. |
| CVE-2025-6204 | Dassault Systèmes | DELMIA Apriso | 2025-10-28 | Dassault Systèmes DELMIA Apriso contains a code injection vulnerability that could allow an attacker to execute arbitrary code. |
| CVE-2025-6205 | Dassault Systèmes | DELMIA Apriso | 2025-10-28 | Dassault Systèmes DELMIA Apriso contains a missing authorization vulnerability that could allow an attacker to gain privileged access to the application. |
| CVE-2025-54236 | Adobe | Commerce and Magento | 2025-10-24 | Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API. |
| CVE-2025-59287 | Microsoft | Windows | 2025-10-24 | Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution. |

View KEV JSON

EPSS – Exploit Prediction Scoring System Live
