Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2025-62002

    BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes.... Read more

    Affected Products : ransomware_containment
    • Published: Dec. 18, 2025
    • Modified: Jan. 15, 2026
    • Vuln Type: Denial of Service

  • 8.8

    HIGH
    CVE-2025-62001

    BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that av... Read more

    Affected Products : ransomware_containment
    • Published: Dec. 18, 2025
    • Modified: Jan. 15, 2026
    • Vuln Type: Misconfiguration

  • 5.3

    MEDIUM
    CVE-2025-15265

    An SSR XSS exists in async hydration when attacker‑controlled keys are passed to hydratable. The key is embedded inside a <script> block without HTML‑safe escaping, allowing </script> to terminate the script and inject arbitrary JavaScript. This enables r... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Cross-Site Scripting

  • 7.5

    HIGH
    CVE-2024-48077

    An issue in nanomq v0.22.7 allows attackers to cause a Denial of Service (DoS) via a crafted request. The number of data packets received in the recv-q queue of the Nanomq process continues to increase, causing the nanomq broker to fall into a deadlock an... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Denial of Service

  • 8.7

    HIGH
    CVE-2025-60003

    A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device receives a BGP update wi... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Denial of Service

  • 6.8

    MEDIUM
    CVE-2025-59961

    An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process,... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Authorization

  • 7.4

    HIGH
    CVE-2025-59960

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Den... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Denial of Service

  • 6.8

    MEDIUM
    CVE-2025-59959

    An Untrusted Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial-of-Service (DoS). When the command 'show ro... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Denial of Service

  • 6.1

    MEDIUM
    CVE-2025-52987

    A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an ... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Cross-Site Request Forgery

  • 0.0

    NA
    CVE-2025-65368

    SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting (XSS) via user input and LLM output.... Read more

    Affected Products :
    • Published: Jan. 15, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2025-12049

    Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other ope... Read more

    Affected Products : mp-01_firmware mp-01
    • Published: Dec. 22, 2025
    • Modified: Jan. 15, 2026
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2026-20976

    Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script.... Read more

    Affected Products : galaxy_store
    • Published: Jan. 09, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Cross-Site Scripting

  • 5.5

    MEDIUM
    CVE-2026-20975

    Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path.... Read more

    Affected Products : cloud
    • Published: Jan. 09, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2026-20969

    Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.... Read more

    Affected Products : android
    • Published: Jan. 09, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Path Traversal

  • 4.8

    MEDIUM
    CVE-2026-20972

    Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB.... Read more

    Affected Products : android
    • Published: Jan. 09, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Authorization

  • 8.2

    HIGH
    CVE-2019-25279

    FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allows attackers to access unencrypted credentials in the device's SQLite database. Attackers can directly read sensitive login information stored in /faceGuar... Read more

    • Published: Jan. 08, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Cryptography

  • 7.8

    HIGH
    CVE-2026-20971

    Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.... Read more

    Affected Products : android
    • Published: Jan. 09, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2026-20970

    Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs.... Read more

    Affected Products : android
    • Published: Jan. 09, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Authorization

  • 6.7

    MEDIUM
    CVE-2026-20968

    Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.... Read more

    Affected Products : android
    • Published: Jan. 09, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2019-25278

    FaceSentry Access Control System 6.4.8 contains a cleartext transmission vulnerability that allows remote attackers to intercept authentication credentials. Attackers can perform man-in-the-middle attacks to capture HTTP cookie authentication information ... Read more

    • Published: Jan. 08, 2026
    • Modified: Jan. 15, 2026
    • Vuln Type: Cryptography
Showing 20 of 4429 Results