Filter and search through 197,218 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-54994 | # Command Injection in MCP Server The MCP Server at https://github.com/akoskm/create-mcp-server-stdio is written in a way that is vulnerable to comma... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-54992 | OpenKilda is an open-source OpenFlow controller. Prior to version 1.164.0, an XML external entity (XXE) injection vulnerability was found in OpenKilda... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54980 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54979 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54978 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54977 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54976 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54975 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54974 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54959 | Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this vulnerability is exploited, an arbitrary file in the... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54958 | Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If this vulnerability is exploited, arbitrary OS command... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54940 | An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafted HTML c... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54923 | CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authent... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-5489 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54888 | ### Summary An authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activit... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54885 | ### Impact A protocol compliance bug in thinbus-srp-npm versions prior to 2.0.1 causes the client to generate a fixed 252 bits of entropy instead of t... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54884 | Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54883 | Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt fu... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-54881 | ### Summary In the default configuration of mermaid 11.9.0, user supplied input for sequence diagram labels is passed to `innerHTML` during calculatio... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-54876 | The Janssen Project is an open-source identity and access management (IAM) platform. In versions 1.9.0 and below, Janssen stores passwords in plaintex... | 0.0 | 0 | Neutral | No | No |