Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-28272

Malicious code in bioql PyPI...

6.6CVSS6.4AI score0.00261EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/06/01 6:35 a.m.6 views

CVE-2025-48880

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, when an administrative account is a deleting a user, there is the the possibility of a race condition occurring. This issue has been patched in version 1.8.181...

6.6CVSS6.9AI score0.00261EPSS
Exploits1References1
NVD
NVDadded 2025/05/30 7:15 a.m.8 views

CVE-2025-48875

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system's incorrect validation of lastname and firstname during profile data updates allows for the injection of arbitrary JavaScript code, which will be executed in a flesh-message when the data is deleted...

5.4CVSS0.00188EPSS
Exploits1References2
OSV
OSVadded 2025/05/30 6:26 a.m.2 views

CVE-2025-48875 FreeScout Vulnerable to Stored XSS

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system's incorrect validation of lastname and firstname during profile data updates allows for the injection of arbitrary JavaScript code, which will be executed in a flesh-message when the data is deleted...

4.6CVSS6.3AI score0.00188EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/05/30 6:26 a.m.4 views

CVE-2025-48875 FreeScout Vulnerable to Stored XSS

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system's incorrect validation of lastname and firstname during profile data updates allows for the injection of arbitrary JavaScript code, which will be executed in a flesh-message when the data is deleted...

4.6CVSS6.2AI score0.00188EPSS
Exploits1References2
CVE
CVEadded 2025/05/30 6:26 a.m.45 views

CVE-2025-48875

CVE-2025-48875 affects FreeScout prior to version 1.8.181, where incorrect validation of last_name and first_name during profile data updates enables injection of arbitrary JavaScript. The attacker could trigger XSS when the affected data is deleted (described as a flesh-message in some sources)....

5.4CVSS6AI score0.00188EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/05/27 12:0 a.m.1 views

PT-2025-65: Race Condition in FreeScout

The vulnerability was identified in FreeScout, versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to influence the order of execution in multithreaded code because of improper synchronization, leading to unintended actions. Vulnerability status: Confirmed by vendor Da...

6.6CVSS6AI score0.00261EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/05/27 12:0 a.m.2 views

PT-2025-64: Stored Cross-site scripting in FreeScout

The vulnerability was identified in FreeScout , versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to store malicious HTML/JavaScript scripts that is later executed in other users’ browsers due to insufficient input validation and sanitization. Vulnerability status:...

5.4CVSS5.8AI score0.00188EPSS
Exploits1References1
Rows per page
Query Builder