Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

8.1

HIGH

CVE-2025-60042

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chinchilla chinchilla allows PHP Local File Inclusion.This issue affects Chinchilla: from n/a through <= 1.16....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-68154

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command injection on Windows systems. The optional `drive` parameter is directly concatena...

Affected Products : systeminformation
Published: Dec. 16, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2025-67507

Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused in...

Affected Products : filament
Published: Dec. 10, 2025

Modified: Dec. 12, 2025

Vuln Type: Authentication
8.1

HIGH

CVE-2025-60057

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through <= 1.3.13....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2025-60044

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fribbo fribbo allows PHP Local File Inclusion.This issue affects Fribbo: from n/a through <= 1.1.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-58900

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UniTravel unitravel allows PHP Local File Inclusion.This issue affects UniTravel: from n/a through <= 1.4.2....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2025-60056

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Winger winger allows PHP Local File Inclusion.This issue affects Winger: from n/a through <= 1.0.16....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-58901

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Takeout takeout allows PHP Local File Inclusion.This issue affects Takeout: from n/a through <= 1.3.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2023-53741

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established...

Affected Products : sft_dab_600\/c_firmware sft_dab_600\/c sft_dab_015\/c_firmware sft_dab_015\/c sft_dab_050\/c_firmware sft_dab_050\/c sft_dab_150\/c_firmware sft_dab_150\/c sft_dab_300\/c_firmware sft_dab_300\/c
Published: Dec. 10, 2025

Modified: Dec. 18, 2025

Vuln Type: Authentication
8.1

HIGH

CVE-2025-58225

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through <= 1.1....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-60069

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through <= 3.9.6....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-53445

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through <= 1.4....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-58926

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Cerebrum cerebrum allows PHP Local File Inclusion.This issue affects Cerebrum: from n/a through <= 1.12....

Affected Products : cerebrum
Published: Dec. 18, 2025

Modified: Dec. 23, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-52745

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Farm Agrico farmagrico allows PHP Local File Inclusion.This issue affects Farm Agrico: from n/a through <= 1.3.11....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49943

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Femme femme allows PHP Local File Inclusion.This issue affects Femme: from n/a through <= 1.3.11....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49365

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Jack Well jack-well allows PHP Local File Inclusion.This issue affects Jack Well: from n/a through <= 1.0.14....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-6326

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through <= 1.18.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49371

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Strux strux allows PHP Local File Inclusion.This issue affects Strux: from n/a through <= 1.9....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49364

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Ludos Paradise ludos-paradise allows PHP Local File Inclusion.This issue affects Ludos Paradise: from n/a through <= 2.1....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49363

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Kings & Queens kings-queens allows PHP Local File Inclusion.This issue affects Kings & Queens: from n/a through <= 1.1.16...

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal

Showing 20 of 5228 Results

Browse by Apps

Latest CVE Feed

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable