CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3346 matches found

OSV•added 2025/10/22 8:45 p.m.•3 views

CVE-2025-62612 FastGPT File Reading Node SSRF Vulnerability

FastGPT is an AI Agent building platform. Prior to version 4.11.1, in the workflow file reading node, the network link is not security-verified, posing a risk of SSRF attacks. This issue has been patched in version 4.11.1...

6.9CVSS6.8AI score0.00199EPSS

Exploits0References3

NVD•added 2025/10/18 6:15 a.m.•3 views

CVE-2025-11738

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS0.00375EPSS

Exploits0References3

RedhatCVE•added 2025/10/18 4:45 a.m.•3 views

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS7.2AI score0.00752EPSS

Exploits0References1

NVD•added 2025/10/17 4:16 a.m.•1 views

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS0.00752EPSS

Exploits0References2

CVE•added 2025/10/17 3:41 a.m.•9 views

CVE-2025-11898

Flowring’s Agentflow is affected by CVE-2025-11898, an Arbitrary File Reading vulnerability exposed via Relative Path Traversal. Unauthenticated remote attackers can download arbitrary system files, highlighting a high confidentiality impact and network-based, low-complexity exploitation (no user...

8.7CVSS6.9AI score0.00752EPSS

Exploits0References2

EUVD•added 2025/10/17 3:41 a.m.•2 views

EUVD-2025-34860

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS6.8AI score0.00752EPSS

Exploits0References3

Vulnrichment•added 2025/10/17 3:41 a.m.•1 views

CVE-2025-11898 Flowring Technology｜Agentflow - Arbitrary File Reading through Path Traversal

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS6.9AI score0.00752EPSS

Exploits0References2

Cvelist•added 2025/10/17 3:41 a.m.•8 views

CVE-2025-11898 Flowring Technology｜Agentflow - Arbitrary File Reading through Path Traversal

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS0.00752EPSS

Exploits0References2

CVE•added 2025/10/16 5:56 p.m.•12 views

CVE-2025-34517

Ilevia EVE X1 Server firmware

8.7CVSS6.5AI score0.00604EPSS

Exploits3References3Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-18952

Malware in sbrugna...

6.5CVSS6.5AI score0.01019EPSS

Exploits1References3