CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 22:53:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
CVEs-PoC/docs/api/v1/epss_top.json

47 lines
2.1 KiB
JSON
Raw Permalink Blame History

{
"generated": "2025-12-17",
"items": [
{
"cve": "CVE-2025-8943",
"epss": 0.6583,
"percentile": 0.98431,
"poc_count": 1,
"summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks ro..."
},
{
"cve": "CVE-2025-8518",
"epss": 0.33903,
"percentile": 0.96794,
"poc_count": 1,
"summary": "A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation l..."
},
{
"cve": "CVE-2025-8730",
"epss": 0.11861,
"percentile": 0.93482,
"poc_count": 2,
"summary": "A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-c..."
},
{
"cve": "CVE-2025-7795",
"epss": 0.096,
"percentile": 0.926,
"poc_count": 3,
"summary": "A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument pa..."
},
{
"cve": "CVE-2025-9090",
"epss": 0.0924,
"percentile": 0.92438,
"poc_count": 4,
"summary": "A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible..."
},
{
"cve": "CVE-2025-8085",
"epss": 0.07832,
"percentile": 0.91666,
"poc_count": 1,
"summary": "The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs."
}
]
}
Reference in New Issue View Git Blame Copy Permalink