Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-59255

    Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 17, 2025

  • 7.8

    HIGH
    CVE-2025-9870

    Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to e... Read more

    Affected Products : synapse
    • Published: Oct. 29, 2025
    • Modified: Nov. 04, 2025
    • Vuln Type: Path Traversal

  • 7.8

    HIGH
    CVE-2025-59224

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025

  • 7.8

    HIGH
    CVE-2025-55328

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 27, 2025

  • 7.8

    HIGH
    CVE-2025-22832

    APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.... Read more

    Affected Products : aptio_v
    • Published: Oct. 14, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-59187

    Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Nov. 05, 2025

  • 7.8

    HIGH
    CVE-2025-54282

    Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ... Read more

    Affected Products : windows framemaker
    • Published: Oct. 14, 2025
    • Modified: Oct. 17, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-23347

    NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate permissions. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information... Read more

    Affected Products : geforce tesla
    • Published: Oct. 23, 2025
    • Modified: Oct. 27, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-54283

    Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must... Read more

    Affected Products : macos windows illustrator
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-62417

    Bagisto is an open source laravel eCommerce platform. When product data that begins with a spreadsheet formula character (for example =, +, -, or @) is accepted and later exported or saved into a CSV and opened in spreadsheet software, the spreadsheet wil... Read more

    Affected Products : bagisto
    • Published: Oct. 16, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-61802

    Substance3D - Stager versions 3.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-57741

    An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking.... Read more

    Affected Products : forticlient
    • Published: Oct. 14, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2023-46718

    A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or comm... Read more

    Affected Products : fortios fortiproxy
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-57227

    An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder.... Read more

    Affected Products :
    • Published: Oct. 29, 2025
    • Modified: Oct. 30, 2025
    • Vuln Type: Path Traversal

  • 7.8

    HIGH
    CVE-2025-61798

    Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code... Read more

    Affected Products : macos windows dimension
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-59234

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 28, 2025

  • 7.8

    HIGH
    CVE-2025-54284

    Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must... Read more

    Affected Products : macos windows illustrator
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-59494

    Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products : azure_monitor_agent
    • Published: Oct. 14, 2025
    • Modified: Oct. 22, 2025

  • 7.8

    HIGH
    CVE-2025-60749

    DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchup_webhelper.exe.... Read more

    Affected Products :
    • Published: Oct. 31, 2025
    • Modified: Nov. 04, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-54268

    Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim m... Read more

    Affected Products : macos windows bridge
    • Published: Oct. 15, 2025
    • Modified: Oct. 17, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4136 Results