Latest Cybersecurity Vulnerabilities - Real-Time Updates
Stay ahead of cybersecurity threats with real-time updates on the latest vulnerabilities.
This page lists the 30 most recently disclosed Common Vulnerabilities and Exposures (CVEs),
including risk scores, affected vendors, and mitigation insights.
Keeping track of emerging threats helps security professionals protect their systems.
Latest 30 CVEs - Real-Time Cyber Threats
Cyber threats are constantly evolving, making real-time vulnerability tracking essential.
Below are the 30 most recently disclosed Common Vulnerabilities and Exposures (CVEs),
providing key details such as affected vendors, impact levels, and risk scores.
Each CVE entry includes a brief summary and a direct link to its full details,
enabling cybersecurity professionals, system administrators, and developers to quickly assess
and mitigate potential security risks.
-
CVE-2025-8804 Active Threat Alert
A vulnerability has been found in Open5GS up to 2.7.5 and classified as problematic. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.
Score: 5.3/10
🚨 Significant Risk
Published on 10 Aug 2025, 10:15 UTC (only 37 minutes ago)
-
CVE-2025-8803 Active Threat Alert
A vulnerability, which was classified as problematic, was found in Open5GS up to 2.7.5. Affected is the function gmm_state_de_registered/gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 1f30edac27f69f61cff50162e980fe58fdeb30ca. It is recommended to upgrade the affected component.
Score: 5.3/10
🚨 Significant Risk
Published on 10 Aug 2025, 10:15 UTC (only 37 minutes ago)
-
CVE-2025-8802 Significant Vulnerability Warning
A vulnerability classified as problematic was found in Open5GS up to 2.7.5. This vulnerability affects the function smf_state_operational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version v2.7.6 is able to address this issue. The patch is identified as f168f7586a4fa536cee95ae60ac437d997f15b97. It is recommended to upgrade the affected component.
Score: 5.3/10
🚨 Significant Risk
Published on 10 Aug 2025, 09:15 UTC (only 1 hour ago)
-
CVE-2025-8801 Significant Vulnerability Warning
A vulnerability classified as problematic has been found in Open5GS up to 2.7.5. This affects the function gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is f47f2bd4f7274295c5fbb19e2f806753d183d09a. It is recommended to upgrade the affected component.
Score: 5.3/10
🚨 Significant Risk
Published on 10 Aug 2025, 09:15 UTC (only 1 hour ago)
-
CVE-2025-8800 Exploit & Mitigation Report
A vulnerability was found in Open5GS up to 2.7.5. It has been rated as problematic. Affected by this issue is the function esm_handle_pdn_connectivity_request of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service. The attack may be launched remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 701505102f514cbde2856cd2ebc9bedb7efc820d. It is recommended to upgrade the affected component.
Score: 5.3/10
🚨 Significant Risk
Published on 10 Aug 2025, 08:15 UTC (only 2 hours ago)
-
CVE-2025-8799 Exploit & Mitigation Report
A vulnerability was found in Open5GS up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is the function amf_npcf_am_policy_control_build_create/amf_nsmf_pdusession_build_create_sm_context of the file src/amf/npcf-build.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The patch is named cf63dd63197bf61a4b041aa364ba6a6199ab15e4. It is recommended to upgrade the affected component.
Score: 5.3/10
🚨 Significant Risk
Published on 10 Aug 2025, 08:15 UTC (only 2 hours ago)
-
CVE-2025-8798 Exploitable Vulnerability Warning
A vulnerability was found in oitcode samarium up to 0.9.6. It has been classified as critical. Affected is an unknown function of the file /dashboard/product of the component Create Product Page. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Score: 7.3/10
🔥 Very High Risk
Published on 10 Aug 2025, 07:15 UTC (only 3 hours ago)
-
CVE-2025-8797 High-Risk Security Alert
A vulnerability was found in LitmusChaos Litmus up to 3.19.0 and classified as critical. This issue affects some unknown processing of the component LocalStorage Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 6.3/10
🔥 High Risk
Published on 10 Aug 2025, 07:15 UTC (only 3 hours ago)
-
CVE-2025-8796 Significant Vulnerability Warning
A vulnerability has been found in LitmusChaos Litmus up to 3.19.0 and classified as problematic. This vulnerability affects unknown code of the file /auth/delete_project/ of the component Delete Request Handler. The manipulation of the argument projectID leads to missing authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 5.4/10
🚨 Significant Risk
Published on 10 Aug 2025, 06:15 UTC (only 4 hours ago)
-
CVE-2025-8795 Critical Risk Assessment
A vulnerability, which was classified as critical, was found in LitmusChaos Litmus up to 3.19.0. This affects an unknown part of the file /auth/login. The manipulation of the argument projectID leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 6.3/10
🔥 High Risk
Published on 10 Aug 2025, 06:15 UTC (only 4 hours ago)
-
CVE-2025-8794 Active Threat Alert
A vulnerability, which was classified as problematic, has been found in LitmusChaos Litmus up to 3.19.0. Affected by this issue is some unknown functionality of the component LocalStorage Handler. The manipulation of the argument projectID leads to authorization bypass. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 5.3/10
🚨 Significant Risk
Published on 10 Aug 2025, 05:15 UTC (only 5 hours ago)
-
CVE-2025-8793 Cybersecurity Threat Advisory
A vulnerability classified as problematic was found in LitmusChaos Litmus up to 3.19.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument projectID leads to improper control of resource identifiers. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 4.3/10
⚠️ Medium Risk
Published on 10 Aug 2025, 04:15 UTC (only 6 hours ago)
-
CVE-2025-8792 Security Flaw Alert
A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 4.3/10
⚠️ Medium Risk
Published on 10 Aug 2025, 04:15 UTC (only 6 hours ago)
-
CVE-2025-8791 High-Risk Security Alert
A vulnerability was found in LitmusChaos Litmus up to 3.19.0. It has been rated as critical. This issue affects some unknown processing of the file /auth/list_projects. The manipulation of the argument role leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 6.3/10
🔥 High Risk
Published on 10 Aug 2025, 04:15 UTC (only 6 hours ago)
-
CVE-2025-52136 Minor Security Flaw
In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command.
Score: 3.0/10
🟢 Low Risk
Published on 10 Aug 2025, 04:15 UTC (only 6 hours ago)
-
CVE-2025-8790 Security Flaw Alert
A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been declared as critical. This vulnerability affects unknown code of the file /module/Api/pessoa of the component API Endpoint. The manipulation of the argument ID leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 4.3/10
⚠️ Medium Risk
Published on 10 Aug 2025, 03:15 UTC (only 7 hours ago)
-
CVE-2025-8789 Cybersecurity Threat Advisory
A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as problematic. This affects an unknown part of the file /module/Api/Diario of the component API Endpoint. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 4.3/10
⚠️ Medium Risk
Published on 10 Aug 2025, 03:15 UTC (only 7 hours ago)
-
CVE-2025-8788 Moderate Vulnerability Alert
A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulation of the argument Parecer/Conteúdos/Objetivos leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 3.5/10
⚠️ Moderate Risk
Published on 10 Aug 2025, 03:15 UTC (only 7 hours ago)
-
CVE-2025-8787 Vulnerability Report
A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 3.5/10
⚠️ Moderate Risk
Published on 10 Aug 2025, 02:15 UTC (only 8 hours ago)
-
CVE-2025-8786 Moderate Vulnerability Alert
A vulnerability, which was classified as problematic, was found in Portabilis i-Diario up to 1.5.0. Affected is an unknown function of the file /registros-de-conteudos-por-areas-de-conhecimento/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Score: 3.5/10
⚠️ Moderate Risk
Published on 10 Aug 2025, 01:15 UTC (only 9 hours ago)
What are CVEs?
A Common Vulnerability and Exposure (CVE) is a publicly disclosed cybersecurity flaw
that can be exploited by attackers to compromise software, systems, or networks.
The CVE system is maintained by The CVE Program
and provides a unique identifier for each vulnerability.
CVEs are assigned a severity score using the Common Vulnerability Scoring System (CVSS),
which helps security teams prioritize their response to threats.
Why Tracking CVEs is Important?
Keeping track of the latest CVEs is crucial for organizations and IT security professionals.
Cybercriminals frequently exploit unpatched vulnerabilities to launch ransomware attacks, data breaches, and system takeovers.
By staying updated with the latest threats, companies can apply security patches,
adjust firewall rules, and implement security policies to minimize risks.