Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

8.2

HIGH

CVE-2025-58890

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Playful playful allows PHP Local File Inclusion.This issue affects Playful: from n/a through <= 1.19.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-1545

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only ...

Affected Products : fireware firebox_m270 firebox_m290 firebox_m370 firebox_m390 firebox_m440 firebox_m470 firebox_m4800 firebox_m570 firebox_m5800 +25 more products
Published: Dec. 04, 2025

Modified: Dec. 10, 2025

Vuln Type: Injection
8.2

HIGH

CVE-2025-58803

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Algenix algenix allows PHP Local File Inclusion.This issue affects Algenix: from n/a through <= 1.0....

Affected Products : algenix
Published: Dec. 18, 2025

Modified: Dec. 23, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-58930

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes FitFlex fitflex allows PHP Local File Inclusion.This issue affects FitFlex: from n/a through <= 1.6....

Affected Products : fitflex
Published: Dec. 18, 2025

Modified: Dec. 23, 2025

Vuln Type: Injection
8.2

HIGH

CVE-2025-53453

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Hygia hygia allows PHP Local File Inclusion.This issue affects Hygia: from n/a through <= 1.16....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-60063

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rosalinda rosalinda allows PHP Local File Inclusion.This issue affects Rosalinda: from n/a through <= 1.2.3....

Affected Products : rosalinda
Published: Dec. 18, 2025

Modified: Dec. 23, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-58931

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through <= 1.6....

Affected Products : palatio
Published: Dec. 18, 2025

Modified: Dec. 23, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-58929

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Pantry pantry allows PHP Local File Inclusion.This issue affects Pantry: from n/a through <= 1.4....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-58891

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Sanger sanger allows PHP Local File Inclusion.This issue affects Sanger: from n/a through <= 1.24.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-58893

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Alright alright allows PHP Local File Inclusion.This issue affects Alright: from n/a through <= 1.6.1....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-58892

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tourimo tourimo allows PHP Local File Inclusion.This issue affects Tourimo: from n/a through <= 1.2.3....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-66444

Cross-site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor (Data Center Analytics component) and Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component).This issue affects Hitachi Infrastructure Analytics Adviso...

Affected Products : infrastructure_analytics_advisor ops_center_analyzer
Published: Dec. 24, 2025

Modified: Dec. 29, 2025

Vuln Type: Cross-Site Scripting
8.2

HIGH

CVE-2025-58894

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Good Mood good-mood allows PHP Local File Inclusion.This issue affects Good Mood: from n/a through <= 1.16....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-14202

A vulnerability in the file upload at bookmark + asset rendering pipeline allows an attacker to upload a malicious SVG file with JavaScript content. When an authenticated admin user views the SVG file with embedded JavaScript code of shared bookmark, Java...

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Cross-Site Scripting
8.2

HIGH

CVE-2025-58895

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Integro integro allows PHP Local File Inclusion.This issue affects Integro: from n/a through <= 1.8.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-60053

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MaxCube maxcube allows PHP Local File Inclusion.This issue affects MaxCube: from n/a through <= 1.3.1....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-60054

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes OnLeash onleash allows PHP Local File Inclusion.This issue affects OnLeash: from n/a through <= 1.5.2....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-60052

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes W&D wd allows PHP Local File Inclusion.This issue affects W&D: from n/a through <= 1.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-60055

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fabrica fabrica allows PHP Local File Inclusion.This issue affects Fabrica: from n/a through <= 1.8.1....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.2

HIGH

CVE-2025-60050

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Panda panda allows PHP Local File Inclusion.This issue affects Panda: from n/a through <= 1.21....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal

Showing 20 of 5301 Results

Browse by Apps

Latest CVE Feed

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

8.2

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable