shinyColumn

7 exploits Active since Sep 2025
CVE-2025-56803 NOMISEC HIGH WORKING POC
Figma Desktop - OS Command Injection
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to child_process.exec without validation, leading to possible RCE. NOTE: this is disputed by the Supplier because the behavior only allows a local user to attack himself via a local plugin. The local build procedure, which is essential to the attack, is not executed for plugins shared to the Figma Community.
1 stars
CVSS 8.4
CVE-2025-46408 NOMISEC CRITICAL WORKING POC
AVTECH EagleEyes <2.0.0 - Info Disclosure
An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.Push_HttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOW_ALL_HOSTNAME_VERIFIER, bypassing domain validation.
1 stars
CVSS 9.8
CVE-2025-50944 NOMISEC HIGH WRITEUP
AVTECH EagleEyes 2.0.0 - Info Disclosure
An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping proper TLS chain validation.
CVSS 8.8
CVE-2025-50110 NOMISEC HIGH WRITEUP
AVTECH EagleEyes Lite <2.0.0 - Info Disclosure
An issue was discovered in the method push.lite.avtech.com.AvtechLib.GetHttpsResponse in AVTECH EagleEyes Lite 2.0.0, the GetHttpsResponse method transmits sensitive information - including internal server URLs, account IDs, passwords, and device tokens - as plaintext query parameters over HTTPS
CVSS 8.8
CVE-2025-56799 WRITEUP MEDIUM WORKING POC
Reolink - Command Injection
Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself.
CVSS 6.5
CVE-2025-56801 WRITEUP MEDIUM WRITEUP
Reolink Desktop App 8.18.12 - Info Disclosure
The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector (IV) in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that material is not hardcoded and is instead randomly generated on each installation of the application.
CVSS 5.1
CVE-2025-56802 WRITEUP MEDIUM WORKING POC
Reolink desktop app - Info Disclosure
The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt user configuration files allowing attackers with local access to decrypt sensitive application data stored in %APPDATA%. A different vulnerability than CVE-2025-56801. NOTE: the Supplier's position is that material is not hardcoded and is instead randomly generated on each installation of the application.
CVSS 5.1