CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26621 |
Description: OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.5.2, any user with the capability manage customizations can edit webhook that will execute javascript code. This can be abused to cause a denial of service attack by prototype pollution, making the node js server running the OpenCTI frontend become unavailable. Version 6.5.2 fixes the issue.
CVSS: HIGH (7.6) EPSS Score: 0.05%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-24189 |
Description: The issue was addressed with improved checks. This issue is fixed in Safari 18.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to memory corruption.
CVSS: HIGH (8.8) EPSS Score: 0.05% SSVC Exploitation: none
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-23988 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno Cavalcante Ghostwriter allows Reflected XSS.This issue affects Ghostwriter: from n/a through 1.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-23986 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyrewurks Tiki Time allows Reflected XSS.This issue affects Tiki Time: from n/a through 1.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-23983 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tijaji allows Reflected XSS.This issue affects Tijaji: from n/a through 1.43.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-23981 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takimi Themes CarZine allows Reflected XSS.This issue affects CarZine: from n/a through 1.4.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-23979 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-22792 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jinwen Js O3 Lite allows Reflected XSS.This issue affects Js O3 Lite: from n/a through 1.5.8.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-22791 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twh offset writing allows Reflected XSS.This issue affects offset writing: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04% SSVC Exploitation: none
May 19th, 2025 (about 1 month ago)
|
|
CVE-2025-22790 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in asmedia allows Reflected XSS.This issue affects moseter: from n/a through 1.3.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
May 19th, 2025 (about 1 month ago)
|