CVE Trends

CVE-2025-2492 is a vulnerability found in ASUS routers, specifically affecting those with the AiCloud feature enabled. It stems from improper authentication controls within the router's firmware. This flaw allows attackers to bypass security checks by sending crafted requests to the router. By doing so, they can potentially execute unauthorized functions remotely without requiring any authentication.

CVE-2025-42599 is a stack-based buffer overflow vulnerability found in Active! mail 6 BuildInfo version 6.60.05008561 and earlier. This vulnerability can be exploited by a remote, unauthenticated attacker sending a specially crafted request. Successful exploitation could lead to arbitrary code execution or a denial-of-service (DoS) condition.

CVE-2025-31200 is a memory corruption vulnerability that exists in Apple's CoreAudio framework. This vulnerability can be triggered when processing an audio stream within a maliciously crafted media file. Successful exploitation of this vulnerability could allow for arbitrary code execution on the affected device. Apple has addressed this issue with improved bounds checking in tvOS 18.4.1, visionOS 2.4.1, iOS and iPadOS 18.4.1, and macOS Sequoia 15.4.1. It was reported that this vulnerability may have been exploited in targeted attacks against specific individuals.

CVE-2025-31201 is a vulnerability in RPAC (Return Pointer Authentication Code), a security feature designed to prevent return-oriented programming attacks. The vulnerability allows an attacker with arbitrary read and write capabilities to bypass Pointer Authentication. Apple addressed this issue by removing the vulnerable code in tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1 and iPadOS 18.4.1, and macOS Sequoia 15.4.1. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.

CVE-2024-3059 affects the ENL Newsletter WordPress plugin through version 1.0.1. The plugin lacks CSRF (Cross-Site Request Forgery) checks in certain areas. This vulnerability could allow attackers to trick logged-in administrators into deleting arbitrary campaigns via a CSRF attack. An attacker could achieve this by enticing an administrator to open a crafted URL, leading to unintended campaign deletion.

CVE-2025-24054 is a vulnerability in Windows NTLM that involves external control of the file name or path, potentially allowing an unauthorized attacker to perform spoofing over a network. The vulnerability can be exploited using a maliciously crafted .library-ms file. Active exploitation of CVE-2025-24054 has been observed in the wild since March 19, 2025. Attackers can potentially leak NTLM hashes or user passwords, compromising systems. Exploitation can be triggered with minimal user interaction, such as right-clicking, dragging and dropping, or simply navigating to a folder containing the malicious file.

CVE-2025-27520 is a Remote Code Execution (RCE) vulnerability found in BentoML, a Python library used for building online serving systems optimized for AI applications and model inference. This vulnerability exists due to insecure deserialization in the `serde.py` file. The vulnerability allows unauthenticated users to execute arbitrary code on the server by sending malicious data payloads as HTTP requests. Specifically, the `deserialize_value()` function deserializes input data without proper validation, enabling attackers to inject malicious payloads that trigger the execution of arbitrary code when deserialized. The vulnerability affects BentoML versions 1.3.8 through 1.4.2 and has been fixed in version 1.4.3.

CVE-2025-3248 is a code injection vulnerability that affects Langflow versions prior to 1.3.0. It exists in the `/api/v1/validate/code` endpoint, where a remote, unauthenticated attacker can send crafted HTTP requests to execute arbitrary code on the server. This vulnerability allows attackers to gain control of vulnerable Langflow servers without needing authentication. To remediate this vulnerability, users are advised to upgrade to Langflow version 1.3.0 or restrict network access to the application.

CVE-2025-32433 is a vulnerability found in the Erlang/OTP SSH server. It stems from a flaw in the SSH protocol message handling, which allows an attacker with network access to execute arbitrary code on the server without authentication. Specifically, the vulnerability enables a malicious actor to send connection protocol messages before authentication takes place. Successful exploitation could lead to full compromise of the host, unauthorized access, manipulation of sensitive data, or denial-of-service attacks.

CVE-2024-53141 is a vulnerability in the Linux kernel's netfilter subsystem, specifically within the ipset component. The flaw stems from a missing range check in the `bitmap_ip_uadt` function when handling `IPSET_ATTR_CIDR` parameters. The vulnerability occurs when `tb[IPSET_ATTR_IP_TO]` is absent, but `tb[IPSET_ATTR_CIDR]` is present, causing the `ip` and `ip_to` values to be swapped. This oversight leads to an out-of-bounds memory access, potentially allowing attackers to manipulate memory outside the intended boundaries.