← Find more feeds

cvefeed.io

Latest High/Critical Vulnerabilitiy Feed

Get the latest updates from Latest High/Critical Vulnerabilitiy Feed directly as they happen.

Follow now 130 followers

Latest posts

Last updated 12 minutes ago

CVE-2025-64772 - INZONE Hub DLL Search Path Code Execution Vulnerability

about 1 hour ago

CVE ID : CVE-2025-64772 Published : Dec. 1, 2025, 12:22 a.m. |...

Read full

CVE-2025-35028 - HexStrike AI MCP Server Command Injection

about 3 hours ago

CVE ID : CVE-2025-35028 Published : Nov. 30, 2025, 10:15 p.m. |...

Read full

CVE-2025-13615 - StreamTube Core <= 4.78 - Unauthenticated Arbitrary User Password Change

about 23 hours ago

CVE ID : CVE-2025-13615 Published : Nov. 30, 2025, 2:15 a.m. |...

Read full

CVE-2025-66289 - OrangeHRM is Vulnerable to Persistent Session Access Due to Missing Invalidation After User Disable and Password Change

2 days ago

CVE ID : CVE-2025-66289 Published : Nov. 29, 2025, 4:15 a.m. |...

Read full

CVE-2025-66224 - OrangeHRM is Vulnerable to Code Execution Through Arbitrary File Write from Sendmail Parameter Injection

2 days ago

CVE ID : CVE-2025-66224 Published : Nov. 29, 2025, 4:15 a.m. |...

Read full

CVE-2025-66225 - OrangeHRM is Vulnerable to Account Takeover Through Unvalidated Username in Password Reset Workflow

2 days ago

CVE ID : CVE-2025-66225 Published : Nov. 29, 2025, 4:15 a.m. |...

Read full

CVE-2025-66223 - OpenObserve's Invite Token Lifecycle Misconfiguration

2 days ago

CVE ID : CVE-2025-66223 Published : Nov. 29, 2025, 3:16 a.m. |...

Read full

CVE-2025-66216 - AIS-catcher has a Buffer Overflow vulnerability in `AIS::Message` leading to DoS/RCE

2 days ago

CVE ID : CVE-2025-66216 Published : Nov. 29, 2025, 3:15 a.m. |...

Read full

CVE-2025-66217 - AIS-catcher Integer Underflow in MQTT Packet Parsing leading to Heap Buffer Overflow

2 days ago

CVE ID : CVE-2025-66217 Published : Nov. 29, 2025, 3:15 a.m. |...

Read full

CVE-2025-66201 - LibreChat is Vulnerable to Server-Side Request Forgery (SSRF) in Actions Capability

2 days ago

CVE ID : CVE-2025-66201 Published : Nov. 29, 2025, 2:15 a.m. |...

Read full

CVE-2025-65112 - PubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity Spoofing

2 days ago

CVE ID : CVE-2025-65112 Published : Nov. 29, 2025, 1:16 a.m. |...

Read full

CVE-2025-12183 - org.lz4:lz4-java - Out-of-Bounds Memory Access

2 days ago

CVE ID : CVE-2025-12183 Published : Nov. 28, 2025, 4:15 p.m. |...

Read full

Or log in

Everything you care about in one place

Latest High/Critical Vulnerabilitiy Feed

Latest posts

CVE-2025-64772 - INZONE Hub DLL Search Path Code Execution Vulnerability

CVE-2025-35028 - HexStrike AI MCP Server Command Injection

CVE-2025-13615 - StreamTube Core <= 4.78 - Unauthenticated Arbitrary User Password Change

CVE-2025-66289 - OrangeHRM is Vulnerable to Persistent Session Access Due to Missing Invalidation After User Disable and Password Change

CVE-2025-66224 - OrangeHRM is Vulnerable to Code Execution Through Arbitrary File Write from Sendmail Parameter Injection

CVE-2025-66225 - OrangeHRM is Vulnerable to Account Takeover Through Unvalidated Username in Password Reset Workflow

CVE-2025-66223 - OpenObserve's Invite Token Lifecycle Misconfiguration

CVE-2025-66216 - AIS-catcher has a Buffer Overflow vulnerability in `AIS::Message` leading to DoS/RCE

CVE-2025-66217 - AIS-catcher Integer Underflow in MQTT Packet Parsing leading to Heap Buffer Overflow

CVE-2025-66201 - LibreChat is Vulnerable to Server-Side Request Forgery (SSRF) in Actions Capability

CVE-2025-65112 - PubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity Spoofing

CVE-2025-12183 - org.lz4:lz4-java - Out-of-Bounds Memory Access

Try Feeder for free