Browse CVEs
145,138 medium severity vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2025-12578 | The Reuters Direct plugin for WordPress is vulnerable to ... | Medium | 4.3 | Low Risk | Unpatched (18d) | 27-Nov-25 |
| CVE-2025-13143 | The Poll, Survey & Quiz Maker Plugin by Opinion Stage plu... | Medium | 4.3 | Low Risk | Unpatched (18d) | 27-Nov-25 |
| CVE-2025-10476 | The WP Fastest Cache plugin for WordPress is vulnerable t... | Medium | 4.3 | Low Risk | Unpatched (18d) | 27-Nov-25 |
| CVE-2025-59454 | In Apache CloudStack, a gap in access control checks affe... | Medium | 4.3 | Low Risk | Unpatched (18d) | 27-Nov-25 |
| CVE-2025-12971 | The Folders – Unlimited Folders to Organize Media Library... | Medium | 4.3 | Low Risk | Unpatched (18d) | 27-Nov-25 |
| CVE-2025-13765 | Exposure of email service credentials to users without ad... | Medium | 4.3 | Low Risk | Patched | 27-Nov-25 |
| CVE-2025-12559 | Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1,... | Medium | 4.3 | Medium Risk | Patched | 27-Nov-25 |
| CVE-2025-59820 | In KDE Krita before 5.2.13, loading a manipulated TGA fil... | Medium | 6.7 | Low Risk | Patched | 26-Nov-25 |
| CVE-2025-65956 | Formwork is a flat file-based Content Management System (... | Medium | 6.5 | Medium Risk | Patched | 26-Nov-25 |
| CVE-2025-66260 | PostgreSQL SQL Injection (status_sql.php) in DB Electroni... | Medium | 6.5 | Low Risk | Unpatched (19d) | 26-Nov-25 |