PT-2026-51141

Name of the Vulnerable Software and Affected Versions WooCommerce version 7.1.0 Description A remote code execution flaw exists in the 'class-wc-meta-box-product-images.php' endpoint. The product-type parameter is passed without proper sanitization, allowing an attacker to inject shell commands a...

CVE-2025-62225

The vulnerability CVE-2025-62225 affects Sony Optical Disc Archive Software (Windows). The root cause is an unquoted Windows service path, which allows a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges. Affected component is the Windows service reg...

EUVD-2025-29685

Malicious code in bioql PyPI...

CVE-2025-57699

The vulnerability CVE-2025-57699 affects Western Digital Kitfox for Windows. The issue is an unquoted file path in a Windows service, enabling a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges. Root cause: unquoted service path. Affected products/v...

The vulnerability of the FTP server of the Internet Information Services network services on the XP-8741-Atom industrial controller allows a hacker to perform write operations on the root directory of the FTP server.

The vulnerability of the FTP server of the Internet Information Services network services on the XP-8741-Atom controller is due to deficiencies in the access restrictions for the anonymous user. Exploiting this vulnerability allows a malicious actor to perform write operations to the root directo...