Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.3

    HIGH
    CVE-2025-64443

    MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gateway runs in sse or streaming transport mode, it is vulnerable to DNS rebinding. An attacker who can get a victim to visit a malicious we... Read more

    Affected Products :
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Server-Side Request Forgery

  • 5.3

    MEDIUM
    CVE-2025-12585

    The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values tha... Read more

    Affected Products :
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-66476

    Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, w... Read more

    Affected Products : vim
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Misconfiguration

  • 4.3

    MEDIUM
    CVE-2025-13756

    The Fluent Booking plugin for WordPress is vulnerable to unauthorized calendar import and management due to a missing capability check on the "importCalendar" function in all versions up to, and including, 1.9.11. This makes it possible for authenticated ... Read more

    Affected Products :
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-54158

    Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors.... Read more

    Affected Products :
    • Published: Dec. 04, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-33208

    NVIDIA TAO contains a vulnerability where an attacker may cause a resource to be loaded via an uncontrolled search path. A successful exploit of this vulnerability may lead to escalation of privileges, data tampering, denial of service, information disclo... Read more

    Affected Products :
    • Published: Dec. 03, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Path Traversal

  • 5.3

    MEDIUM
    CVE-2025-20750

    In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User intera... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20751

    In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interacti... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-20752

    In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interacti... Read more

    Affected Products : nr15 nr16 nr17 mt2735 mt6813 mt6833 mt6833p mt6835 mt6853 mt6853t +39 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20753

    In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interactio... Read more

    Affected Products : nr15 nr16 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 +32 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20754

    In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User intera... Read more

    Affected Products : nr15 nr16 nr17 mt2735 mt6813 mt6833 mt6833p mt6835 mt6853 mt6853t +54 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20755

    In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User i... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20756

    In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +28 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-20757

    In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User intera... Read more

    Affected Products : nr15 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 mt6877 +16 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 4.9

    MEDIUM
    CVE-2025-20758

    In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interactio... Read more

    Affected Products : nr15 nr16 nr17 mt2735 mt6813 mt6833 mt6833p mt6835 mt6853 mt6853t +54 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-20759

    In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User int... Read more

    Affected Products : nr15 nr16 mt2735 mt6833 mt6833p mt6853 mt6853t mt6855 mt6873 mt6875 +36 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-20763

    In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: A... Read more

    Affected Products : android mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 mt6883 mt6885 +18 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-20764

    In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS... Read more

    Affected Products : android mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 +24 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Memory Corruption

  • 4.7

    MEDIUM
    CVE-2025-20765

    In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Is... Read more

    Affected Products : android openwrt yocto mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 +43 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2025-20766

    In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID:... Read more

    Affected Products : android mt6781 mt6789 mt6833 mt6835 mt6853 mt6855 mt6877 mt6878 mt6879 +22 more products
    • Published: Dec. 02, 2025
    • Modified: Dec. 03, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 5357 Results