2025 CVE Vulnerabilities
No CVEs published in 2025.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-59868 | MEDIUM | 5.5 | — | Jun 27, 2026 | HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure vulnerability which could allow an... |
| CVE-2025-32423 | MEDIUM | 5.3 | — | Jun 26, 2026 | AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agent... |
| CVE-2025-32394 | MEDIUM | 5.3 | — | Jun 26, 2026 | AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agent... |
| CVE-2025-68075 | MEDIUM | 6.5 | — | Jun 26, 2026 | Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions. |
| CVE-2025-68074 | MEDIUM | 6.5 | — | Jun 26, 2026 | Contributor Cross Site Scripting (XSS) in Image Carousel <= 1.0.0.41 versions. |
| CVE-2025-66123 | MEDIUM | 5.3 | — | Jun 26, 2026 | Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions. |
| CVE-2025-64637 | MEDIUM | 5.3 | — | Jun 26, 2026 | Unauthenticated Content Injection in Auros Core <= 5.3.1 versions. |
| CVE-2025-64636 | MEDIUM | 5.3 | — | Jun 26, 2026 | Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions. |
| CVE-2025-63079 | MEDIUM | 4.3 | — | Jun 26, 2026 | Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions. |
| CVE-2025-63078 | MEDIUM | 4.3 | — | Jun 26, 2026 | Subscriber Broken Access Control in Restaurant Menu by MotoPress <= 2.4.11 versions. |
| CVE-2025-63041 | MEDIUM | 5.4 | — | Jun 26, 2026 | Contributor Broken Access Control in Forget About Shortcode Buttons <= 2.1.3 versions. |
| CVE-2025-10268 | MEDIUM | 5.3 | 0.2% | Jun 26, 2026 | The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path travers... |
| CVE-2025-60465 | MEDIUM | 6.1 | 0.2% | Jun 25, 2026 | A use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02... |
| CVE-2025-60473 | MEDIUM | 5.5 | 0.1% | Jun 25, 2026 | A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of GPAC Project/MP4Box ... |
| CVE-2025-60466 | MEDIUM | 5 | 0.1% | Jun 25, 2026 | A use-after-free in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.0... |
| CVE-2025-60468 | MEDIUM | 5.5 | 0.1% | Jun 24, 2026 | GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflo... |
| CVE-2025-64719 | MEDIUM | 4.9 | 0.4% | Jun 24, 2026 | Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to create a new file on a ... |
| CVE-2025-60471 | MEDIUM | 5.5 | 0.1% | Jun 24, 2026 | A use-after-free in the gf_filter_pid_reconfigure_task_discard function (/filter_core/filter_pid.c) of GPAC Project/MP4B... |
| CVE-2025-64105 | MEDIUM | 5.1 | 0.3% | Jun 23, 2026 | FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online s... |
| CVE-2025-13162 | MEDIUM | 4.1 | 0.1% | Jun 23, 2026 | Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affect... |
| CVE-2025-55639 | MEDIUM | 6.5 | 0.3% | Jun 23, 2026 | GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gf_isom_add_track_kind() function at isomed... |
| CVE-2025-33128 | MEDIUM | 5.4 | 0.1% | Jun 22, 2026 | IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerab... |
| CVE-2025-2669 | MEDIUM | 6 | 0.2% | Jun 22, 2026 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a pri... |
| CVE-2025-62198 | MEDIUM | 5.4 | 0.3% | Jun 22, 2026 | An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and earlier. Users are recommend... |
| CVE-2025-71379 | MEDIUM | 5.3 | 0.2% | Jun 20, 2026 | vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Severa... |