This page offers a live ATOM feed of the latest CVEs and Vulnerabilities from cvefeed.io. HIGH or CRITICAL
- CVE-2025-68620 - Signal K Server vulnerable to JWT Token Theft via WebSocket Enumeration and Unauthenticated Polling
- CVE-2025-66398 - Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)
- CVE-2025-68700 - RAGFlow Remote Code Execution Vulnerability
- CVE-2015-10145 - Gargoyle 1.5.x Authenticated OS Command Execution via run_commands.sh
- CVE-2025-28949 - WordPress Mediabay - WordPress Media Library Folders <= 1.4 - SQL Injection Vulnerability
- CVE-2021-47745 - Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection via Firmware Upgrade
- CVE-2021-47741 - ZBL EPON ONU Broadband Router V100R001 Privilege Escalation via Configuration Endpoint
- CVE-2020-36903 - Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path
- CVE-2025-15389 - QNO Technology|VPN Firewall - OS Command Injection
- CVE-2025-15388 - QNO Technology|VPN Firewall - OS Command Injection
- CVE-2025-15387 - QNO Technology|VPN Firewall - Insufficient Entropy
- CVE-2025-15280 - FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability
- CVE-2025-15272 - FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability