
CVE-2025-53928 – MaxKB has RCE in MCP call
https://notcve.org/view.php?id=CVE-2025-53928
17 Jul 2025 — MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue. • https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2025-53927 – MaxKB sandbox bypass
https://notcve.org/view.php?id=CVE-2025-53927
17 Jul 2025 — Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. • https://github.com/1Panel-dev/MaxKB/releases/tag/v2.0.0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
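The weakness class behind this entry is an executable allow-list that checks only where a file lives, while the sandboxed code can still write into that location. The following Python is an added, constructed illustration of that pattern and of a content-pinned check that survives it; it is not MaxKB code, and the directory layout, file names and helper names (`weak_allows`, `hardened_allows`, `demo`) are assumptions made for the example.

```python
"""Constructed illustration of a location-only executable allow-list and
why copying a file into the allowed directory defeats it (not MaxKB code)."""
import hashlib
import os
import shutil
import tempfile


def sha256_of(path: str) -> str:
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()


def inside_dir(path: str, directory: str) -> bool:
    """True if path resolves to somewhere under directory (symlinks resolved)."""
    real_path = os.path.realpath(path)
    real_dir = os.path.realpath(directory)
    return os.path.commonpath([real_path, real_dir]) == real_dir


def weak_allows(path: str, exec_dir: str) -> bool:
    """Weak policy: any file that lives under exec_dir may be executed.
    If the sandboxed code can write to exec_dir, this proves nothing about
    what the file actually is."""
    return inside_dir(path, exec_dir)


def hardened_allows(path: str, exec_dir: str, pinned: dict[str, str]) -> bool:
    """Hardened policy: the file must be under exec_dir AND its content must
    match the hash pinned at deployment time for that name. A copied or
    overwritten file fails on content even though it has the right location
    (and, after copy2, the right mode bits). Making exec_dir read-only to
    the sandboxed uid is the complementary control, not shown here."""
    if not inside_dir(path, exec_dir):
        return False
    expected = pinned.get(os.path.basename(path))
    return expected is not None and sha256_of(path) == expected


def demo() -> tuple[bool, bool, bool, bool]:
    """Returns (weak on planted copy, hardened on planted copy,
    hardened on genuine file, hardened on overwritten genuine file)."""
    with tempfile.TemporaryDirectory() as exec_dir, \
         tempfile.TemporaryDirectory() as scratch:
        # Deployment: one approved helper, its hash recorded out of band.
        approved = os.path.join(exec_dir, "approved.sh")
        with open(approved, "w") as f:
            f.write("#!/bin/sh\necho approved\n")
        os.chmod(approved, 0o755)
        pinned = {"approved.sh": sha256_of(approved)}

        # Attacker-controlled script created outside the allowed directory
        # (constructed sample; it is never executed by this demo).
        payload = os.path.join(scratch, "evil.sh")
        with open(payload, "w") as f:
            f.write("#!/bin/sh\nid\n")
        os.chmod(payload, 0o755)

        # The move the advisory describes: copy2 places the file inside the
        # executable directory and preserves its mode bits, exec bit included.
        planted = shutil.copy2(payload, os.path.join(exec_dir, "evil.sh"))
        r1 = weak_allows(planted, exec_dir)               # location check fooled
        r2 = hardened_allows(planted, exec_dir, pinned)   # no pinned hash
        r3 = hardened_allows(approved, exec_dir, pinned)  # genuine file passes

        # Same name, attacker content: location and name match, hash does not.
        shutil.copy2(payload, approved)
        r4 = hardened_allows(approved, exec_dir, pinned)
        return r1, r2, r3, r4


if __name__ == "__main__":
    print(demo())
```

The point of pinning by content rather than by name is the fourth result: overwriting the approved helper in place keeps both the path and the file name valid, so only a hash (or a signature) check distinguishes it from the deployed original.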

CVE-2023-47356
https://notcve.org/view.php?id=CVE-2023-47356
17 Jul 2025 — Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameter at /log/fw_security.mds. • https://gist.github.com/night-0p/8d414bfef1cb16539da67e122d91e8da •

CVE-2025-3740 – School Management System for Wordpress <= 93.1.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update
https://notcve.org/view.php?id=CVE-2025-3740
17 Jul 2025 — This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. • https://codecanyon.net/item/school-management-system-for-wordpress/11470032#item-description__update-history • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2025-53867
https://notcve.org/view.php?id=CVE-2025-53867
17 Jul 2025 — Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL. • http://www.webbatch.com •

CVE-2025-6222 – WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User Wallet <= 3.2.6 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2025-6222
17 Jul 2025 — The WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User Wallet theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ced_rnx_order_exchange_attach_files' function in all versions up to, and including, 3.2.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://codecanyon.net/item/woocommerce-refund-and-exchange/17810207#item-description__changelog • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-7438 – MasterStudy LMS – Online Courses, eLearning PRO Plus <= 4.7.9 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2025-7438
17 Jul 2025 — The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'install_and_activate_plugin' function in all versions up to, and including, 4.7.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://www.wordfence.com/threat-intel/vulnerabilities/id/1ab970f5-35d1-43e9-891c-87a2a3e464c6?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
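Both this entry and the WooCommerce Refund And Exchange one above come down to a missing or insufficient file type check on an upload handler. The following is an added example of the validation a practitioner would expect such a handler to perform: it is written in Python for illustration (the plugins themselves are PHP) and is not code from either plugin or from Wordfence; the `ALLOWED_TYPES` table, the forbidden-segment list, the sample payloads and the helper names are all constructed for the example.

```python
"""Constructed upload validator: extension allow-list, every dotted segment
checked, content signature matched to the declared type, random storage
name. Not code from any WordPress plugin."""
import secrets

# Extension -> acceptable leading byte signatures (constructed allow-list).
ALLOWED_TYPES: dict[str, list[bytes]] = {
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "gif": [b"GIF87a", b"GIF89a"],
    "pdf": [b"%PDF-"],
}

# Segments that must never appear anywhere in the name, so that
# shell.php.jpg is rejected even though its last extension is "safe".
DANGEROUS_SEGMENTS = {
    "php", "php3", "php4", "php5", "php7", "phtml", "phar",
    "htaccess", "html", "htm", "js", "svg",
}


def validate_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason_or_extension)."""
    # 1. Anything that looks like a path is hostile; only a bare name is allowed.
    if "\x00" in filename or "/" in filename or "\\" in filename:
        return False, "path characters in file name"
    parts = filename.lower().split(".")
    if len(parts) < 2 or not all(parts):
        return False, "missing or empty extension"
    # 2. Check every segment after the base name, not just the last one.
    for seg in parts[1:]:
        if seg in DANGEROUS_SEGMENTS:
            return False, f"forbidden segment .{seg}"
    ext = parts[-1]
    sigs = ALLOWED_TYPES.get(ext)
    if sigs is None:
        return False, f"extension .{ext} not in allow-list"
    # 3. The bytes must match the type the name claims.
    if not any(content.startswith(s) for s in sigs):
        return False, "content does not match declared type"
    # 4. Cheap polyglot check: a valid image header with a PHP tag after it.
    if b"<?php" in content or b"<?=" in content:
        return False, "embedded PHP tag"
    return True, ext


def storage_name(ext: str) -> str:
    """Never reuse the client-supplied name: random name plus validated extension."""
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    # Constructed samples, not real uploads.
    samples = [
        ("photo.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
        ("shell.php", b"<?php system($_GET['c']); ?>"),
        ("shell.php.jpg", b"\xff\xd8\xff" + b"\x00" * 8),
        ("pic.jpg", b"<?php phpinfo(); ?>"),
        ("poly.gif", b"GIF89a<?php echo 1; ?>"),
        ("../evil.png", b"\x89PNG\r\n\x1a\n"),
    ]
    for name, data in samples:
        print(name, validate_upload(name, data))
```

Even with this check, the upload directory should live outside the web root or be served with script execution disabled (for Apache, a handler-stripping `.htaccess`; for nginx, no `fastcgi_pass` for that location), because signature checks only cover the formats you thought to list.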

CVE-2025-34129 – LILIN DVR RCE via Malicious FTP/NTP Configuration
https://notcve.org/view.php?id=CVE-2025-34129
16 Jul 2025 — A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicious XML file with injected shell commands in these fields. Upon subsequent configuration syncs, these commands are executed with elevated privileges. This vulnerability was exploited in the wild by the Moobo... • https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
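A server-address field that is later handed to a shell is safe only if it is constrained to a grammar in which no shell metacharacter is valid. The following Python is an added example of that check applied to a configuration file, written for illustration and not taken from the LILIN firmware: the XML layout (`<service><ftp_server>…<ntp_server>…`), the injected sample, and the `ntpdate` argument vector are assumptions; the hostname grammar follows RFC 1123 labels.

```python
"""Constructed example: validate FTP/NTP server fields from an XML service
configuration before they reach any command, and never build that command
as a shell string. Not LILIN code; XML layout is assumed."""
import ipaddress
import re
import xml.etree.ElementTree as ET

# One DNS label: 1-63 chars of [A-Za-z0-9-], no leading or trailing hyphen.
HOSTNAME_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# Constructed sample configurations (not a real device export).
GOOD_CONFIG = """<service>
  <ftp_server>192.0.2.10</ftp_server>
  <ntp_server>pool.ntp.org</ntp_server>
</service>"""

INJECTED_CONFIG = """<service>
  <ftp_server>192.0.2.10</ftp_server>
  <ntp_server>pool.ntp.org; touch /tmp/pwned</ntp_server>
</service>"""


def is_valid_server(value: str) -> bool:
    """Accept an IPv4/IPv6 literal or an RFC 1123 hostname, nothing else.
    Semicolons, pipes, backticks, $(), quotes, spaces and newlines are all
    outside this grammar, so they cannot pass by construction; there is no
    blacklist to get wrong."""
    if not value or len(value) > 253:
        return False
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        pass
    labels = value.rstrip(".").split(".")
    return bool(labels) and all(HOSTNAME_LABEL.match(lbl) for lbl in labels)


def load_service_config(xml_text: str) -> dict[str, str]:
    """Parse the service section and refuse any server field that fails the grammar."""
    root = ET.fromstring(xml_text)
    config: dict[str, str] = {}
    for field in ("ftp_server", "ntp_server"):
        node = root.find(field)
        value = (node.text or "").strip() if node is not None else ""
        if not is_valid_server(value):
            raise ValueError(f"{field}: rejected {value!r}")
        config[field] = value
    return config


def config_is_safe(xml_text: str) -> bool:
    try:
        load_service_config(xml_text)
        return True
    except (ValueError, ET.ParseError):
        return False


def build_sync_command(server: str) -> list[str]:
    """Argument vector for subprocess.run(..., shell=False).
    The vulnerable shape is os.system("ntpdate " + server): the server
    string becomes shell syntax. An argv list keeps it a single argument
    even if validation were ever bypassed."""
    if not is_valid_server(server):
        raise ValueError(f"refusing to run with server {server!r}")
    return ["ntpdate", "-u", server]


if __name__ == "__main__":
    print(load_service_config(GOOD_CONFIG))
    print("injected config accepted:", config_is_safe(INJECTED_CONFIG))
    print(build_sync_command("pool.ntp.org"))
```

Two caveats a reviewer would raise: the firmware's own sync path must also use an argument vector (validation at parse time does not help if a later code path re-reads the raw XML), and `xml.etree` should be swapped for `defusedxml` if the configuration file comes from an unauthenticated source, since this example is about the field values rather than XML parsing itself.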

CVE-2025-34128 – X360 VideoPlayer ActiveX Control Buffer Overflow via ConvertFile()
https://notcve.org/view.php?id=CVE-2025-34128
16 Jul 2025 — An attacker can exploit this vulnerability by supplying crafted input to cause memory corruption and execute arbitrary code within the context of the current process. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/x360_video_player_set_text_bof.rb • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2025-34127 – Achat v0.150 SEH Buffer Overflow via UDP
https://notcve.org/view.php?id=CVE-2025-34127
16 Jul 2025 — By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/achat_bof.rb • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-121: Stack-based Buffer Overflow •