Latest CVE Feed
-
9.8
CRITICALCVE-2025-66401
MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied github... Read more
Affected Products :- Published: Dec. 01, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Injection
-
4.6
MEDIUMCVE-2025-66403
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 2.2.3, a stored cross-site scripting (XSS) vulnerability exists in the Filerise application due to improper handling of uploaded SVG files. Th... Read more
Affected Products : filerise- Published: Dec. 01, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Cross-Site Scripting
-
9.1
CRITICALCVE-2025-41744
Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity.... Read more
Affected Products :- Published: Dec. 02, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Cryptography
-
6.9
MEDIUMCVE-2025-41086
Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the... Read more
Affected Products : gams- Published: Dec. 02, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Authentication
-
9.0
CRITICALCVE-2025-8351
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 bef... Read more
Affected Products : antivirus- Published: Dec. 01, 2025
- Modified: Dec. 02, 2025
- Vuln Type: Memory Corruption