Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-61828

    Illustrator on iPad versions 3.0.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus... Read more

    Affected Products : illustrator_on_ipad
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-61815

    InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ... Read more

    Affected Products : macos windows indesign
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-59511

    External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025

  • 7.8

    HIGH
    CVE-2025-61818

    InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a mal... Read more

    Affected Products : macos windows incopy
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47361

    Memory corruption when triggering a subsystem crash with an out-of-range identifier.... Read more

    • Published: Nov. 04, 2025
    • Modified: Nov. 05, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-60718

    Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products : windows_11_24h2 windows_11_25h2
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025

  • 7.8

    HIGH
    CVE-2025-27713

    Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable ... Read more

    Affected Products :
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-60713

    Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025

  • 7.8

    HIGH
    CVE-2025-10924

    GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the targe... Read more

    Affected Products : gimp
    • Published: Oct. 29, 2025
    • Modified: Nov. 04, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-62203

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025

  • 7.8

    HIGH
    CVE-2025-11464

    Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to ex... Read more

    Affected Products : cobalt
    • Published: Oct. 29, 2025
    • Modified: Nov. 04, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43941

    Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execu... Read more

    Affected Products : unity_operating_environment
    • Published: Oct. 30, 2025
    • Modified: Nov. 03, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-10934

    GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in tha... Read more

    Affected Products : debian_linux gimp
    • Published: Oct. 29, 2025
    • Modified: Nov. 04, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-62200

    Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025

  • 7.8

    HIGH
    CVE-2025-61833

    Substance3D - Stager versions 3.1.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to e... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-61820

    Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more

    Affected Products : macos windows illustrator
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-10920

    GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the ... Read more

    Affected Products : gimp
    • Published: Oct. 29, 2025
    • Modified: Nov. 04, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-60720

    Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025

  • 7.8

    HIGH
    CVE-2025-53814

    A use-after-free vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .xml file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.... Read more

    Affected Products :
    • Published: Oct. 28, 2025
    • Modified: Nov. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47353

    Memory corruption while processing request sent from GVM.... Read more

    • Published: Nov. 04, 2025
    • Modified: Nov. 05, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 3666 Results