Top Reported Known Exploitable Issues:
Here is the complete list of vulnerabilities for this month that we’ve updated within our platform, to be treated as a priority:
CVE-2025-41225 | Broadcom VMware
CVE-2025-41225 is an ‘authenticated command-execution’ vulnerability in vCenter Server with a CVSSv3 score of 8.8. An attacker with privileges to create/modify alarms and configure script actions could perform arbitrary code execution (ACE) on the vCenter Server.
CVE-2025-24076 | Microsoft Windows Cross Device Service
CVE-2025-24076 is an elevation-of-privilege vulnerability in the Microsoft Windows Cross Device Service. Updated exploit code has been found in ExploitDB.
CVE-2025-47577 | TI WooCommerce Wishlist
Tracked as CVE-2025-47577, the vulnerability carries a CVSS score of 10.0. It affects all versions of the plugin up to and including 2.9.2, released on November 29, 2024. There is currently no patch available.
CVE-2024-42009 | Roundcube
A cross-site scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a desanitization issue in message_body() in program/actions/mail/show.php.
CVE-2025-32433 | Erlang/OTP SSH
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround is to disable the SSH server or to prevent access to it via firewall rules.
CVE-2025-4919 | Mozilla Firefox
CVE-2025-4919 is an ‘out-of-bounds access when optimizing linear sums’ vulnerability. If exploited, it could allow an attacker to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes.
CVE-2025-49113 | Roundcube
Roundcube has released versions 1.6.11 and 1.5.10 for its Webmail product. The updated versions address a critical severity vulnerability in the Webmail product. CVE-2025-49113 has a CVSSv3 score of 9.9 and is a “deserialisation of untrusted data” vulnerability. An authenticated remote attacker could exploit this vulnerability to achieve remote code execution.
CVE-2025-21479 | Qualcomm
Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were responsibly disclosed to the company by the Google Android Security team, are listed below:
- CVE-2025-21479 and CVE-2025-21480 (CVSS score: 8.6): Two incorrect authorization vulnerabilities in the Graphics component that could result in memory corruption due to unauthorized command execution in GPU microcode while executing a specific sequence of commands.
- CVE-2025-27038 (CVSS score: 7.5): A use-after-free vulnerability in the Graphics component that could result in memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
“There are indications from Google Threat Analysis Group that CVE-2025-21479, CVE-2025-21480, CVE-2025-27038 may be under limited, targeted exploitation,” Qualcomm said in an advisory.
CVE-2025-24016 | Wazuh server
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are serialized as JSON and deserialized using as_wazuh_object (in framework/wazuh/core/cluster/common.py). If an attacker manages to inject an unsanitized dictionary into a DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary Python code. The vulnerability can be triggered by anybody with API access (a compromised dashboard or Wazuh server in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.
CVE-2025-4918 | Mozilla Firefox
CVE-2025-4918 is an ‘out-of-bounds access when resolving promise objects’ vulnerability. If exploited, it could allow an attacker to perform an out-of-bounds read or write on a JavaScript Promise object.
CVE-2025-43200 | Apple
The attacks occurred in early 2025, and Apple sent a notification to the two victims on April 29 informing them that they had been targeted by “advanced spyware.” The threat actor used Paragon’s Graphite spyware platform to target the victims’ iPhone devices running iOS 18.2.1 and exploit CVE-2025-43200, which was a zero-day vulnerability at the time.
CVE-2024-57727 | SimpleHelp
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing various secrets and hashed user passwords.
CVE-2025-5943 | DICOM Viewer
CVE-2025-5943 could allow a remote unauthenticated attacker to execute arbitrary code on affected installations of DICOM Viewer.
CVE-2025-0944 | Cityworks
CVE-2025-0944 (CVSS score: 8.6) refers to the deserialization of untrusted data vulnerability affecting the GIS-centric asset management software that could enable remote code execution. The vulnerability, since patched, was added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in February 2025.
CVE-2025-20286 | Cisco
Cisco has released software updates for its Identity Services Engine (ISE). The updates address a critical severity vulnerability in the ISE product. Cisco Identity Services Engine (ISE) is a context-aware policy service to control access and threats across wired, wireless, and VPN networks. CVE-2025-20286 has a CVSSv3 score of 9.9 and is a “use of hard-coded password” vulnerability. An attacker could exploit this vulnerability to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.
CVE-2025-41229 | Broadcom VMware
CVE-2025-41229 is a ‘directory traversal’ vulnerability in VMware Cloud Foundation with a CVSSv3 score of 8.2. An attacker with network access to port 443 could gain access to certain internal services within VMware Cloud Foundation.
CVE-2025-5307 | DICOM Viewer Pro
The US Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Medical Advisory for a vulnerability in Santesoft Sante DICOM Viewer Pro. Sante DICOM Viewer Pro is an application for viewing, processing, and editing DICOM-format medical images. CVE-2025-5307 has a CVSSv4 score of 8.4 and is an ‘out-of-bounds read’ vulnerability, which means that the product reads data past the end, or before the beginning, of the intended memory buffer. A local attacker could exploit this vulnerability to disclose sensitive information or execute arbitrary code. Active user interaction is required for successful exploitation.