CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26763	WordPress Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider Plugin <= 3.94.0 - PHP Object Injection vulnerability Description: Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection. This issue affects Responsive Slider by MetaSlider: from n/a through 3.94.0. CVSS: CRITICAL (9.8) EPSS Score: 0.04% Source: CVE February 22nd, 2025 (5 months ago)
CVE-2025-26760	WordPress Calculator Builder plugin <= 1.6.2 - Local File Inclusion vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company Calculator Builder allows PHP Local File Inclusion. This issue affects Calculator Builder: from n/a through 1.6.2. CVSS: HIGH (7.5) EPSS Score: 0.08% Source: CVE February 22nd, 2025 (5 months ago)
CVE-2025-26757	WordPress FULL – Cliente plugin <= 3.1.26 - Local File Inclusion vulnerability Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL SERVICES FULL Customer allows PHP Local File Inclusion. This issue affects FULL Customer: from n/a through 3.1.26. CVSS: HIGH (7.5) EPSS Score: 0.11% Source: CVE February 22nd, 2025 (5 months ago)
CVE-2025-26756	WordPress Magic the Gathering Card Tooltips plugin <= 3.5.0 - Cross Site Scripting (XSS) vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grimdonkey Magic the Gathering Card Tooltips allows Stored XSS. This issue affects Magic the Gathering Card Tooltips: from n/a through 3.5.0. CVSS: HIGH (7.1) EPSS Score: 0.03% Source: CVE February 22nd, 2025 (5 months ago)
CVE-2025-26750	WordPress Vitepos Plugin <= 3.1.3 - Broken Access Control vulnerability Description: Missing Authorization vulnerability in appsbd Vitepos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Vitepos: from n/a through 3.1.3. CVSS: MEDIUM (6.5) EPSS Score: 0.02% Source: CVE February 22nd, 2025 (5 months ago)
CVE-2024-12577	GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet Description: Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. EPSS Score: 0.02% Source: CVE February 22nd, 2025 (5 months ago)
	Peter Glenn Ski and Sports Has Fallen Victim to RHYSIDA Ransomware Description: Peter Glenn Ski and Sports Has Fallen Victim to RHYSIDA Ransomware Source: DarkWebInformer February 22nd, 2025 (5 months ago)
	dna and grep Claim to have Leaked the Data of Abex Exhibits Description: dna and grep Claim to have Leaked the Data of Abex Exhibits Source: DarkWebInformer February 22nd, 2025 (5 months ago)
	RipperSec Targeted the Website of Dalarna University Description: RipperSec Targeted the Website of Dalarna University Source: DarkWebInformer February 22nd, 2025 (5 months ago)
	A Threat Actor Claims to be Selling Amarbazar Plus Logs Description: A Threat Actor Claims to be Selling Amarbazar Plus Logs Source: DarkWebInformer February 22nd, 2025 (5 months ago)