Exploit Intelligence Platform

CVE-2026-1978 5.3 MEDIUM 1 Writeup EPSS 0.00

kalyan02 NanoCMS <0.4 - Info Disclosure

A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of the component User Information Handler. Performing a manipulation results in direct request. It is possible to initiate the attack remotely. The exploit is now public and may be used. You should change the configuration settings.

CWE-425 Feb 06, 2026

CVE-2025-52024 9.4 CRITICAL EPSS 0.00

Aptsys Gemscms Backend < 2025-05-28 - Missing Authorization

A vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthenticated users. By accessing specific URLs, an attacker is presented with a directory-style index listing all available backend services and POS web services, each with an HTML form for submitting test input. These panels are intended for developer use, but are accessible in production environments with no authentication or session validation. This grants any external actor the ability to discover, test, and execute API endpoints that perform critical functions including but not limited to user transaction retrieval, credit adjustments, POS actions, and internal data queries.

CWE-306 Jan 23, 2026

CVE-2026-0790 7.5 HIGH EPSS 0.00

Algosolutions 8180 IP Audio Alerter Firmware - Information Disclosure

ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based user interface. By navigating directly to a URL, a user can gain unauthorized access to data. An attacker can leverage this vulnerability to disclose information in the context of the device. Was ZDI-CAN-28299.

CWE-425 Jan 23, 2026

CVE-2026-0650 EPSS 0.00

Flagr - Missing Authentication

OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data.

CWE-306 Jan 07, 2026

CVE-2025-15153 3.7 LOW EPSS 0.00

PbootCMS <3.2.12 - Info Disclosure

A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be used for attacks. Modifying the configuration settings is advised.

CWE-552 Dec 28, 2025

CVE-2025-67844 5.0 MEDIUM EPSS 0.00

Mintlify Platform <2025-11-15 - Info Disclosure

The GitHub Integration API in Mintlify Platform before 2025-11-15 allows remote attackers to obtain sensitive repository metadata via the repository owner and name fields. It fails to validate that the repository owner and name fields provided during configuration belong to the specific GitHub App Installation ID associated with the user's organization.

CWE-425 Dec 19, 2025

CVE-2025-65011 1 Writeup EPSS 0.00

WODESYS WD- R608U - Info Disclosure

In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version WDR28081123OV1.01 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

CWE-425 Dec 18, 2025

CVE-2025-26381 EPSS 0.00

Unknown - Info Disclosure

Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information.

CWE-425 Dec 17, 2025

CVE-2025-14697 3.7 LOW EPSS 0.00

Shenzhen Sixun Software Sixun Shanghui Group Business Management Sy...

A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this issue is some unknown functionality of the file /ExportFiles/. The manipulation results in files or directories accessible. The attack may be launched remotely. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

CWE-552 Dec 15, 2025

CVE-2025-57823 2.7 LOW EPSS 0.00

Fortinet FortiAuthenticator <6.6.7 - Info Disclosure

A direct request ('forced browsing') vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and download device logs via accessing specific endpoints

CWE-425 Dec 09, 2025

CVE-2025-6195 4.3 MEDIUM EPSS 0.00

GitLab EE <18.4.5-18.6.1 - Info Disclosure

GitLab has remediated an issue in GitLab EE affecting all versions from 13.7 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user to view information from security reports under certain configuration conditions.

CWE-425 Nov 26, 2025

CVE-2025-62778 5.3 MEDIUM 1 Writeup EPSS 0.00

Frappe Learning <2.39.1 - Info Disclosure

Frappe Learning is a learning management system. A security issue was identified in Frappe Learning 2.39.1 and earlier, where students were able to access the Quiz Form if they had the URL.

CWE-425 Oct 27, 2025

CVE-2025-11280 3.7 LOW EPSS 0.00

Frappe LMS 2.35.0 - Unknown Vuln

A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation causes direct request. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. It is advisable to upgrade the affected component. The vendor was informed early about a total of four security issues and confirmed that those have been fixed. However, the release notes on GitHub do not mention them.

CWE-425 Oct 05, 2025

CVE-2025-59797 5.8 MEDIUM 1 Writeup EPSS 0.00

Profession Fit 5.0.99 Build 44910 - Auth Bypass

Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api/challenges/{id} and also URLs for eversports, the user-management page, and the plane page.

CWE-425 Sep 22, 2025

CVE-2025-10287 3.1 LOW EPSS 0.00

roncoo-pay <9428382af21cd5568319eae7429b7e1d0332ff40 - Unknown Vuln

A vulnerability has been found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. The affected element is an unknown function of the file /auth/orderQuery. Such manipulation of the argument orderNo leads to direct request. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is described as difficult. The exploit has been disclosed to the public and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The vendor was contacted early about this disclosure but did not respond in any way.

CWE-425 Sep 12, 2025

CVE-2025-31971 5.1 MEDIUM EPSS 0.00

AIML Solutions for HCL SX - SSRF

AIML Solutions for HCL SX is vulnerable to a URL validation vulnerability. The issue may allow attackers to launch a server-side request forgery (SSRF) attack enabling unauthorized network calls from the system, potentially exposing internal services or sensitive information.

CWE-425 Aug 28, 2025

CVE-2022-43110 9.8 CRITICAL 1 PoC Analysis EPSS 0.00

Voltronic Power ViewPower <1.04-21353 & PowerShield Netguard <1.04-...

Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices. This extends to being able to configure operating system commands that should run if the system detects a connected UPS shutting down.

CWE-284 Aug 22, 2025

CVE-2025-55736 6.5 MEDIUM EPSS 0.00

flaskBlog <2.8.0 - Privilege Escalation

flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, an arbitrary user can change his role to "admin", giving its relative privileges (e.g. delete users, posts, comments etc.). The problem is in the routes/adminPanelUsers file.

CWE-807 Aug 19, 2025

CVE-2025-41404 4.3 MEDIUM EPSS 0.00

iroha Board <v0.10.12 - Info Disclosure

Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.

CWE-425 Jun 26, 2025

CVE-2025-53073 4.2 MEDIUM 1 Writeup EPSS 0.00

Sentry 25.1.0-25.5.1 - Info Disclosure

In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) without being a member of the project's team. A seven-digit issue ID must be known (it is not treated as a secret and might be mentioned publicly, or it could be predicted).

CWE-425 Jun 24, 2025

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps