This page offers a live ATOM feed of the latest CVEs and Vulnerabilities from cvefeed.io. HIGH or CRITICAL
- CVE-2025-9556 - CVE-2025-9556
- CVE-2025-10364 - Unauthenticated Arbitrary Command Injection in Evertz SDVN
- CVE-2025-59054 - dstack has insecure LUKS2 persistent storage partitions that may be opened and used
- CVE-2025-10265 - Digiever|NVR - OS Command Injection
- CVE-2025-7448 - Man in the middle (MitM) attack vulnerability in Wi-SUN library
- CVE-2025-10264 - Digiever|NVR - Exposure of Sensitive Information
- CVE-2025-21042 - Qualcomm libimagecodec Out-of-Bounds Write RCE
- CVE-2025-6454 - Server-Side Request Forgery (SSRF) in GitLab
- CVE-2025-55319 - Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
- CVE-2025-36222 - IBM Fusion insecure default configuration
- CVE-2025-10127 - Daikin Security Gateway Weak Password Recovery Mechanism for Forgotten Password
- CVE-2025-8557 - Lenovo XClarity Orchestrator Local Privilege Escalation
- CVE-2025-59053 - AIRI's character card/chat UI is vulnerable to XSS and can lead to RCE
- CVE-2025-58060 - cups has Authentication bypass with AuthType Negotiate
- CVE-2025-58142 - Mutiple vulnerabilities in the Viridian interface
- CVE-2025-27466 - Mutiple vulnerabilities in the Viridian interface
- CVE-2025-9018 - Time Tracker <= 3.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Limited Data Deletion
- CVE-2025-40690 - SQL injection in PHPGurukul Online Fire Reporting System