LiveActive security incident?Get immediate response
CVE archive

October 2025

Browse CVE records published in October 2025, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 3688 matching CVEs · Page 1 of 74.

High · CVSS 7.2

CVE-2025-54658: An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in...

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker to escalate their privilege to Root via sending a crafted request to a local listening port.

Published Oct 16, 2025 · Updated Jul 8, 2026

Medium · CVSS 4.9

CVE-2025-53951: An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in...

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker to escalate their privilege to LocalService via sending a crafted request to a local listening port.

Published Oct 16, 2025 · Updated Jul 8, 2026

Medium · CVSS 4.5

CVE-2025-31366: An Improper Neutralization of Input During Web Page Generation vulnerability [CWE-79] vulnerability in Fort...

An Improper Neutralization of Input During Web Page Generation vulnerability [CWE-79] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiSASE 25.2.a may allow an unauthenticated attacker to perform a reflected cross site scripting (XSS) via crafted HTTP requests.

Published Oct 14, 2025 · Updated Jul 8, 2026

Low · CVSS 2.5

CVE-2025-47890: An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6.0 thro...

An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiSASE 25.2.a may allow an unauthenticated attacker to perform an open redirect attack via crafted HTTP requests.

Published Oct 14, 2025 · Updated Jul 8, 2026

Medium · CVSS 4.3

CVE-2025-60511: Moodle OpenAI Chat Block plugin 3.0.1 (2025021700) suffers from an Insecure Direct Object Reference (IDOR)...

Moodle OpenAI Chat Block plugin 3.0.1 (2025021700) suffers from an Insecure Direct Object Reference (IDOR) vulnerability due to insufficient validation of the blockId parameter in /blocks/openai_chat/api/completion.php. An authenticated student can impersonate another user's block (e.g., administrator) and send queries that are executed with that block's configuration. This can expose administrator-only Source of Truth entries, alter model behavior, and potentially misuse API resources.

Published Oct 21, 2025 · Updated Jul 5, 2026

High · CVSS 7.2

CVE-2025-61524: An issue in the permission verification module and organization/application editing interface in Casdoor v2...

An issue in the permission verification module and organization/application editing interface in Casdoor v2.26.0 and before, and fixed in v.2.63.0, allows remote authenticated administrators of any organization within the system to bypass the system's permission verification mechanism by directly concatenating URLs after login

Published Oct 8, 2025 · Updated Jul 5, 2026

High · CVSS 7.5

CVE-2025-61301: Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (commit 52e4b43, on 2025-05-...

Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (commit 52e4b43, on 2025-05-17) allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits or orjson recursion errors when the sample executes in the sandbox.

Published Oct 20, 2025 · Updated Jul 5, 2026

Medium · CVSS 5.8

CVE-2025-60898: An unauthenticated server-side request forgery (SSRF) vulnerability in the Thumbnail via-uri endpoint of Ha...

An unauthenticated server-side request forgery (SSRF) vulnerability in the Thumbnail via-uri endpoint of Halo CMS 2.21 allows a remote attacker to cause the server to issue HTTP requests to attacker-controlled URLs, including internal addresses. The endpoint performs a server-side GET to a user-supplied URI without adequate allow/blocklist validation and returns a 307 redirect that can disclose internal URLs in the Location header.

Published Oct 29, 2025 · Updated Jul 5, 2026

Medium · CVSS 6.5

CVE-2025-60641: The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserialize(base64_decode(...

The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserialize(base64_decode($_POST['mexcel'])), where $_POST['mexcel'] is user-controlled input. This input is decoded from base64 and deserialized without validation or use of the allowed_classes option, allowing an attacker to inject arbitrary PHP objects. This can lead to malicious behavior, such as Remote Code Execution (RCE), SQL Injection, Path Traversal, or Denial of Service, depending on the availability of exploitable classes in the Vfront codebase or its dependencies.

Published Oct 16, 2025 · Updated Jul 5, 2026

High · CVSS 8.1

CVE-2025-60378: Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary...

Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content renders in emails, PDFs, and messaging/chat modules sent to clients or team members, enabling phishing, credential theft, and business email compromise. Automated recurring invoices and messaging amplify the risk by distributing malicious content to multiple recipients.

Published Oct 10, 2025 · Updated Jul 5, 2026

Medium · CVSS 4.1

CVE-2025-60308: code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS) vulnerability in...

code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS) vulnerability in the Add Room function of the online hotel reservation system. Malicious JavaScript code is entered in the Description field, which can leak the administrator's cookie information when browsing this room information

Published Oct 10, 2025 · Updated Jul 5, 2026

Critical · CVSS 9.1

CVE-2025-57567: A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically in the mini...

A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically in the minify.php file located under the default theme directory (/themes/defaut/css/minify.php). An authenticated administrator user can overwrite this file with arbitrary PHP code via the admin panel, enabling execution of system commands.

Published Oct 17, 2025 · Updated Jul 5, 2026