Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

🚨 Marked as known exploited on May 30th, 2025 (about 9 hours ago).
Description: Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. [...]
Source: BleepingComputer
May 30th, 2025 (about 9 hours ago)
🚨 Marked as known exploited on May 29th, 2025 (1 day ago).
Description: 🛡 Security Advisory: SQL Injection Vulnerability in Navidrome v0.55.2 Overview This vulnerability arises due to improper input validation on the role parameter within the API endpoint /api/artist. Attackers can exploit this flaw to inject arbitrary SQL queries, potentially gaining unauthorized access to the backend database and compromising sensitive user information. Details Vulnerable Component: API endpoint → /api/artist Parameter → role Vulnerability Type: SQL Injection (stacked queries, UNION queries) Database Affected: SQLite (confirmed exploitation via SQLite-specific payloads) Impact: Successful exploitation allows an unauthenticated attacker to: Execute arbitrary SQL commands Extract or manipulate sensitive data (e.g., user records, playlists) Potentially escalate privileges or disrupt service availability Proof of Concept (PoC) Example Exploit Command: sqlmap.py -r navi --level 5 --risk 3 -a --banner --batch --tamper charencode --dbms sqlite Sample Payloads: Stacked Queries: http://navidrome/api/artist?_end=15&_order=ASC&_sort=name&_start=0&role=albumartist');SELECT LIKE(CHAR(65,66,67,68,69,70,71),UPPER(HEX(RANDOMBLOB(500000000/2))))-- UNION-Based Query: http://navidrome.local/api/artist?_end=15&_order=ASC&_sort=name&_start=0&role=albumartist') UNION ALL SELECT 92,92,92,92,92,92,92,92,92,92,92,92,92,92,92,92,92,CHAR(113,98,118,98,113)||CHAR(113,84,86,119,114,71,106,104,90,118,120,104,79,66,104,108,121,106,70,68,90,113,104,117,67,98,113,67,103,84,71,...
Source: Github Advisory Database (Go)
May 29th, 2025 (1 day ago)

CVE-2025-48930

🚨 Marked as known exploited on May 28th, 2025 (2 days ago).
Description: The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues, as exploited in the wild in May 2025.

CVSS: LOW (2.8)

EPSS Score: 0.01%

Source: CVE
May 28th, 2025 (2 days ago)

CVE-2025-48929

🚨 Marked as known exploited on May 28th, 2025 (2 days ago).
Description: The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered by an adversary, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.0)

EPSS Score: 0.05%

Source: CVE
May 28th, 2025 (2 days ago)

CVE-2025-48928

🚨 Marked as known exploited on May 28th, 2025 (2 days ago).
Description: The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.0)

EPSS Score: 0.01%

SSVC Exploitation: none

Source: CVE
May 28th, 2025 (2 days ago)

CVE-2025-48927

🚨 Marked as known exploited on May 28th, 2025 (2 days ago).
Description: The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.

CVSS: MEDIUM (5.3)

EPSS Score: 0.03%

SSVC Exploitation: none

Source: CVE
May 28th, 2025 (2 days ago)

CVE-2025-48926

🚨 Marked as known exploited on May 28th, 2025 (2 days ago).
Description: The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
May 28th, 2025 (2 days ago)

CVE-2025-48925

🚨 Marked as known exploited on May 28th, 2025 (2 days ago).
Description: The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential, as exploited in the wild in May 2025.

CVSS: MEDIUM (4.3)

EPSS Score: 0.05%

Source: CVE
May 28th, 2025 (2 days ago)
🚨 Marked as known exploited on May 28th, 2025 (3 days ago).
Description: Meet the elite squad that’s hunting the next major cyberattack. With more than 150 years of combined research experience and expert analysis, the Tenable Research Special Operations team arms organizations with the critical and actionable intelligence necessary to proactively defend the modern attack surface. The digital battlefield is constantly shifting. It's no longer enough to just react. We need to anticipate. Massive data breaches leave consumers exposed to identity thieves, ransomware attacks cripple hospitals, and Nation State actors disrupt critical infrastructure. It's not just about vulnerable software anymore. In our hyper-connected world, from the smart devices in your home to the complex systems running our cities, everything is a potential target. The explosion of cloud services and AI is accelerating this risk, creating countless new windows for cybercriminals and hostile nations to exploit. From software and hardware vulnerabilities, to misconfigurations, compromised identities, overexposed and highly privileged environments, and publicly accessible databases, the threat landscape is everywhere, all at once. As of October 2024, over 240,000 Common Vulnerabilities and Exposures (CVEs) have been tracked through the MITRE CVE program, including many that have significantly impacted consumers, businesses and governments. The volume has historically been too much for security teams to keep up with. Beyond the sheer increase in the volume of traditional vulnerab...

CVSS: CRITICAL (9.6)

EPSS Score: 8.83%

Source: Tenable Blog
May 28th, 2025 (3 days ago)
🚨 Marked as known exploited on May 23rd, 2025 (8 days ago).
Description: Learn about CVE-2025-3248 affecting Langflow. Patch now to prevent remote code execution.

CVSS: CRITICAL (9.8)

Source: RecordedFuture
May 23rd, 2025 (8 days ago)