CyberAlerts.io | Known Exploited Vulnerabilities (KEV)

CyberAlerts provides a trusted catalog of vulnerabilities known to be exploited in the wild, drawing from many sources, including CISA KEV. Organizations can use this catalog to better prioritize and manage vulnerabilities in response to real-world threat activity. Further information here.

Displaying vulnerabilities 1 - 10 of 115 in total

CVE-2025-48930

Description: The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues, as exploited in the wild in May 2025.

CVSS: LOW (2.8)

EPSS Score: 0.01%

May 28th, 2025 (1 day ago)

CVE-2025-48929

Description: The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered by an adversary, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.0)

EPSS Score: 0.05%

May 28th, 2025 (2 days ago)

CVE-2025-48928

Description: The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.0)

EPSS Score: 0.01%

SSVC Exploitation: none

May 28th, 2025 (2 days ago)

CVE-2025-48927

Description: The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.

CVSS: MEDIUM (5.3)

EPSS Score: 0.03%

SSVC Exploitation: none

May 28th, 2025 (2 days ago)

CVE-2025-48926

Description: The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

May 28th, 2025 (2 days ago)

CVE-2025-48925

Description: The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.3)

EPSS Score: 0.05%

May 28th, 2025 (2 days ago)

CVE-2025-37922

Description: In the Linux kernel, the following vulnerability has been resolved: book3s64/radix : Align section vmemmap start address to PAGE_SIZE A vmemmap altmap is a device-provided region used to provide backing storage for struct pages. For each namespace, the altmap should belong to that same namespace. If the namespaces are created unaligned, there is a chance that the section vmemmap start address could also be unaligned. If the section vmemmap start address is unaligned, the altmap page allocated from the current namespace might be used by the previous namespace also. During the free operation, since the altmap is shared between two namespaces, the previous namespace may detect that the page does not belong to its altmap and incorrectly assume that the page is a normal page. It then attempts to free the normal page, which leads to a kernel crash. Kernel attempted to read user page (18) - exploit attempt? (uid: 0) BUG: Kernel NULL pointer dereference on read at 0x00000018 Faulting instruction address: 0xc000000000530c7c Oops: Kernel access of bad area, sig: 11 [#1] LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries CPU: 32 PID: 2104 Comm: ndctl Kdump: loaded Tainted: G W NIP: c000000000530c7c LR: c000000000530e00 CTR: 0000000000007ffe REGS: c000000015e57040 TRAP: 0300 Tainted: G W MSR: 800000000280b033 CR: 84482404 CFAR: c000000000530dfc DAR: 0000000000000018 DSISR: 40000000 IRQMASK: 0 GPR00: c000000000530e00 c000000015e572e0 c000000002c5cb00 c00c00...

EPSS Score: 0.02%

May 20th, 2025 (10 days ago)

CVE-2024-11182

Description: An XSS issue was discovered in MDaemon Email Server before versionĀ 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window.

CVSS: MEDIUM (6.1)

EPSS Score: 39.83%

SSVC Exploitation: active

May 19th, 2025 (11 days ago)

CVE-2025-4428

Description: Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.

CVSS: HIGH (7.2)

EPSS Score: 29.66%

May 19th, 2025 (11 days ago)

CVE-2025-27920

Description: Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access.

CVSS: CRITICAL (9.8)

EPSS Score: 62.5%

May 19th, 2025 (11 days ago)