Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-41714 | The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write and may be leveraged to achieve remote code execution. | 8.8 | 0.62% | 2025-09-10 | 2026-06-17 |
| CVE-2025-41701 | An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context. | 7.8 | 0.15% | 2025-09-09 | 2026-06-17 |
| CVE-2025-41708 | Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission. | 7.4 | 0.21% | 2025-09-08 | 2026-06-17 |
| CVE-2025-41682 | An authenticated, low-privileged attacker can obtain credentials stored on the charge controller including the manufacturer password. | 8.8 | 0.28% | 2025-09-08 | 2026-06-17 |
| CVE-2025-41664 | A low-privileged remote attacker could gain unauthorized access to critical resources, such as firmware and certificates, due to improper permission handling during the runtime of services (e.g., FTP/SFTP). This access could allow the attacker to escalate privileges and modify firmware. | 7.5 | 0.22% | 2025-09-08 | 2026-06-17 |
| CVE-2025-41690 | A low-privileged attacker in bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access to sensitive configuration settings and the ability to modify device parameters. | 7.4 | 0.23% | 2025-09-02 | 2026-06-17 |
| CVE-2021-4459 | An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices. | 6.5 | 0.62% | 2025-08-27 | 2026-06-17 |
| CVE-2025-41702 | The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key. | 9.8 | 0.49% | 2025-08-26 | 2026-06-17 |
| CVE-2025-41689 | An unauthenticated remote attacker can get access without password protection to the affected device. This enables the unprotected read-only access to the stored measurement data. | 7.5 | 0.35% | 2025-08-19 | 2026-06-17 |
| CVE-2025-41685 | A low-privileged remote attacker can obtain the username of another registered Sunny Portal user by entering that user's email address. | 6.5 | 0.34% | 2025-08-19 | 2026-06-17 |
| CVE-2025-41686 | A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access. | 7.8 | 0.05% | 2025-08-12 | 2026-06-17 |
| CVE-2025-41698 | A low privileged local attacker can interact with the affected service although user-interaction should not be allowed. | 7.8 | 0.06% | 2025-08-05 | 2026-06-17 |
| CVE-2025-2810 | A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key. | 5.5 | 0.06% | 2025-08-05 | 2026-06-17 |
| CVE-2025-41691 | An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition. | 7.5 | 0.50% | 2025-08-04 | 2026-06-17 |
| CVE-2025-41659 | A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted. | 8.3 | 0.20% | 2025-08-04 | 2026-06-17 |
| CVE-2025-41658 | CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions. | 5.5 | 0.06% | 2025-08-04 | 2026-06-17 |
| CVE-2025-41688 | A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox. | 7.2 | 0.61% | 2025-07-31 | 2026-06-17 |
| CVE-2025-2813 | An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80. | 7.5 | 0.58% | 2025-07-31 | 2026-06-17 |
| CVE-2025-41687 | An unauthenticated remote attacker may use a stack based buffer overflow in the u-link Management API to gain full access on the affected devices. | 9.8 | 0.68% | 2025-07-23 | 2026-06-17 |
| CVE-2025-41684 | An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint tls_iotgen_setting). | 8.8 | 0.67% | 2025-07-23 | 2026-06-17 |