Latest Vulnerabilities
Latest Found
The latest vulnerability announcements
- CVE-2025-11450 - Reflected Cross Site Scripting in ServiceNow AI Platform
- CVE-2025-11449 - Reflected Cross Site Scripting in ServiceNow AI Platform
- CVE-2025-61926 - Allstar Reviewbot has Authentication Bypass via Hard-coded Webhook Secret
- CVE-2025-61928 - Better Auth: Unauthenticated API key creation through api-key plugin
- CVE-2025-61783 - Python Social Auth - Django has unsafe account association
- CVE-2025-62240 - Liferay Portal Liferay DXP Calendar XSS Vulnerability
- CVE-2025-60375 - Perfex CRM Authentication Bypass Vulnerability
- CVE-2025-61601 - BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation
- CVE-2025-61773 - pyLoad CNL and captcha handlers allow code Injection via unsanitized parameters
- CVE-2025-61779 - Trustee's attestation-policy endpoint is not protected by admin autentication
CISA Advisories
The latest advisories from CISA
- CISA Releases Four Industrial Control Systems Advisories
- Rockwell Automation Stratix
- CISA Adds One Known Exploited Vulnerability to Catalog
- Rockwell Automation Lifecycle Services with Cisco
- Hitachi Energy Asset Suite
- Delta Electronics DIAScreen
- CISA Releases Two Industrial Control Systems Advisories
- CISA Adds One Known Exploited Vulnerability to Catalog
- CISA Adds Seven Known Exploited Vulnerabilities to Catalog
- Hitachi Energy MSM Product
