Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-43509

    This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-46276

    An information disclosure issue was addressed with improved privacy controls. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2. An app m... Read more

    Affected Products : macos iphone_os watchos ipados visionos
    • Published: Dec. 12, 2025
    • Modified: Dec. 17, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-46289

    A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-63402

    An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests... Read more

    Affected Products : dragon
    • Published: Dec. 03, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-14198

    A vulnerability was detected in Verysync 微力同步 2.21.3. This affects an unknown function of the file /safebrowsing/clientreport/download?key=dummytoken of the component Web Administration Module. Performing manipulation results in information disclosure. Th... Read more

    Affected Products : verysync
    • Published: Dec. 07, 2025
    • Modified: Dec. 11, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-36889

    In onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Dec. 11, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-43514

    The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Dec. 17, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-36929

    In AreFencesRegistered of gxp_fence_manager.cc, there is a possible information leak due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for explo... Read more

    Affected Products : android
    • Published: Dec. 11, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-36921

    In ProtocolPsUnthrottleApn() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exp... Read more

    Affected Products : android
    • Published: Dec. 11, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-43471

    The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 16, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-43475

    A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data.... Read more

    Affected Products : iphone_os ipados
    • Published: Dec. 17, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-62468

    Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally.... Read more

    • Published: Dec. 09, 2025
    • Modified: Dec. 12, 2025

  • 5.5

    MEDIUM
    CVE-2025-43521

    A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 17, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-43470

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 16, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-67461

    External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of information via local access.... Read more

    Affected Products : rooms
    • Published: Dec. 10, 2025
    • Modified: Dec. 30, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-43463

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8.3, macOS Tahoe 26.1, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 17, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-64896

    Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to disr... Read more

    • Published: Dec. 09, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-15082

    A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file /reqproc/proc_post of the component Web Management Interface. Performing manipulation of the argument goformId results in information disclosure. It is pos... Read more

    Affected Products :
    • Published: Dec. 25, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-43466

    An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2025-43461

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Path Traversal
Showing 20 of 5226 Results