CVE-2026-34621: Adobe Acrobat Reader Vulnerability Enables Code Execution via Malicious Files
A crafted PDF file could exploit CVE-2026-34621 in Adobe Acrobat Reader. Understand the risk, attack path, and how to stay protected.
CVE-2022-30190, commonly referred to as Follina, grabbed headlines in 2022 because attackers could execute code simply by getting a victim to open a Word document (no macro required). The chain uses Word’s remote template / HTML features to invoke the Windows MSDT handler (ms-msdt:), which in turn runs attacker-controlled commands. Although patches and workarounds exist,…
CVE-2025-57820 is a high-severity prototype pollution vulnerability in the Svelte devalue library (versions before 5.3.2). A crafted input to devalue.parse can modify object prototypes by exploiting unchecked __proto__ properties, leading to serious application-level risks. This issue is resolved in version 5.3.2. Vulnerability Details of CVE-2025-57820 Exploitation Path An attacker can send a specially crafted string…
CVE‑2025‑36630 is a newly identified high-severity vulnerability affecting Tenable Nessus on Windows systems (versions prior to 10.8.5). The flaw allows non-administrative users to overwrite arbitrary system files with data from application logs running as SYSTEM, potentially enabling full privilege escalation. Vulnerability Details CVE ID CVE‑2025‑36630 Unique ID to track this vulnerability. Affected Software Tenable…
CVE-2025-49127 is a recently disclosed high-severity vulnerability affecting Kafbat UI, a web interface for managing Apache Kafka clusters. The flaw allows unauthenticated attackers to execute arbitrary code on the server via unsafe deserialization in version 1.0.0. This vulnerability has been addressed in version 1.1.0. Vulnerability Details Exploitation Path The vulnerability arises from unsafe deserialization in…