Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2025-31161

🚨 Marked as known exploited on April 10th, 2025 (2 months ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31161 CrushFTP Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CVSS: CRITICAL (9.8)

EPSS Score: 21.21%

Source: All CISA Advisories
April 7th, 2025 (2 months ago)

CVE-2025-31161

Description: CrushFTP contains an authentication bypass vulnerability in the HTTP authorization header that allows a remote unauthenticated attacker to authenticate to any known or guessable user account (e.g., crushadmin), potentially leading to a full compromise.

CVSS: CRITICAL (9.8)

EPSS Score: 21.21%

Source: CISA KEV
April 7th, 2025 (2 months ago)
Description: Server-Side Request Forgery via LNURL Authentication Callback in LNbits Lightning Network Payment System Disclaimer This vulnerability was detected using XBOW, a system that autonomously finds and exploits potential security vulnerabilities. The finding has been thoroughly reviewed and validated by a security researcher before submission. While XBOW is intended to work autonomously, during its development human experts ensure the accuracy and relevance of its reports. Description A Server-Side Request Forgery (SSRF) vulnerability has been discovered in LNbits' LNURL authentication handling functionality. The vulnerability exists in the LNURL authentication callback process where the application makes HTTP requests to user-provided callback URLs and follows redirects without proper validation. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request to that URL using the httpx library with redirect following enabled. The application doesn't properly validate the callback URL, allowing attackers to specify internal network addresses and access internal resources. This vulnerability allows an attacker to make the application send HTTP requests to arbitrary internal network locations, potentially exposing sensitive information or accessing internal services that should not be accessible from the internet. Steps to Reproduce Create a new wallet account to get an admin key: curl -X POST http://target:5000/api/v1/...

CVSS: CRITICAL (9.3)

EPSS Score: 0.02%

Source: Github Advisory Database (PIP)
April 7th, 2025 (2 months ago)

CVE-2025-3248

🚨 Marked as known exploited on April 13th, 2025 (about 2 months ago).
Description: Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

CVSS: CRITICAL (9.8)

EPSS Score: 90.92%

Source: CVE
April 7th, 2025 (2 months ago)

CVE-2025-32013

Description: LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request to that URL using the httpx library with redirect following enabled. The application doesn't properly validate the callback URL, allowing attackers to specify internal network addresses and access internal resources.

CVSS: CRITICAL (9.3)

EPSS Score: 0.02%

Source: CVE
April 6th, 2025 (2 months ago)

CVE-2025-2941

Description: The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the wc-upload-file[] parameter in all versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php).

CVSS: CRITICAL (9.8)

EPSS Score: 0.25%

Source: CVE
April 5th, 2025 (2 months ago)

CVE-2025-22457

🚨 Marked as known exploited on April 10th, 2025 (2 months ago).
Description: Ivanti released security updates to address vulnerabilities (CVE-2025-22457) in Ivanti Connect Secure, Policy Secure & ZTA Gateways. A cyber threat actor could exploit CVE-2025-22457 to take control of an affected system. CISA has added CVE-2025-22457 to its Known Exploited Vulnerabilities Catalog. See the following resources for more guidance: April Security Update | Ivanti April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457) Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog For any instances of Ivanti Connect Secure that were not updated by Feb. 28, 2025, to the latest Ivanti patch (22.7R2.6) and all instances of Pulse Connect Secure (EoS), Policy Secure, and ZTA Gateways, CISA urges users and administrators to implement the following actions: Conduct threat hunting actions: Run an external Integrity Checker Tool (ICT). For more guidance, see Ivanti’s instructions. Conduct threat hunt actions on any systems connected to—or recently connected to—the affected Ivanti device. If threat hunting actions determine no compromise: For the highest level of confidence, conduct a factory reset. For Cloud and Virtual systems, conduct a factory reset using an external known clean image of the device. Apply the patch described in Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457). Please note that patches for Ivanti...

CVSS: CRITICAL (9.0)

EPSS Score: 10.25%

Source: All CISA Advisories
April 4th, 2025 (2 months ago)

CVE-2025-22457

🚨 Marked as known exploited on April 10th, 2025 (2 months ago).
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-22457 Ivanti Connect Secure, Policy Secure and ZTA Gateways Stack-Based Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. CISA urges organizations to apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service. Security Update: Pulse Connect Secure, Ivanti Connect Secure, Policy Secure and Neurons for ZTA Gateway CISA Mitigation Instructions for CVE-2025-22457 Organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at [email protected] or (888) 282-0870. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment used for the activity; the name of the submitting company or organization; and a designated point of contact. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-...

CVSS: CRITICAL (9.0)

EPSS Score: 10.25%

Source: All CISA Advisories
April 4th, 2025 (2 months ago)

CVE-2024-11235

Description: In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??=  operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.

CVSS: CRITICAL (9.2)

EPSS Score: 0.22%

Source: CVE
April 4th, 2025 (2 months ago)

CVE-2025-22457

Description: Ivanti Connect Secure, Policy Secure and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution.

CVSS: CRITICAL (9.0)

EPSS Score: 10.25%

Source: CISA KEV
April 4th, 2025 (2 months ago)