Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-48018 | An authenticated user can modify application state data. | 7.5 | 0.13% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48017 | Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files | 9.0 | 0.39% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48016 | OpenFlow discovery protocol can exhaust resources because it is not rate limited | 4.3 | 0.18% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48015 | Failed login response could be different depending on whether the username was local or central. | 3.7 | 0.20% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48014 | Password guessing limits could be bypassed when using LDAP authentication. | 7.5 | 0.36% | 2025-05-20 | 2026-06-17 |
| CVE-2025-46750 | SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set. | 4.4 | 0.15% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46749 | An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution. | 4.3 | 0.22% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46748 | An authenticated user attempting to change their password could do so without using the current password. | 2.7 | 0.20% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46747 | An authenticated user without user-management permissions could identify other user accounts. | 5.7 | 0.26% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46746 | An administrator could discover another account's credentials. | 5.8 | 0.19% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46745 | An authenticated user without user-management permissions could view other users account information. | 6.5 | 0.26% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46744 | An authenticated administrator could modify the Created By username for a user account | 2.7 | 0.20% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46743 | An authenticated user's token could be used by another source after the user had logged out prior to the token expiring. | 6.3 | 0.06% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46742 | Users who were required to change their password could still access system information before changing their password | 4.3 | 0.17% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46741 | A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred. | 5.7 | 0.06% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46740 | An authenticated user without user administrative permissions could change the administrator Account Name. | 7.5 | 0.27% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46739 | An unauthenticated user could discover account credentials via a brute-force attack without rate limiting | 8.1 | 0.33% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46738 | An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. | 6.6 | 0.15% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46737 | SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. | 7.4 | 0.08% | 2025-05-12 | 2026-06-17 |
| CVE-2024-2103 | Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 | 6.5 | 0.46% | 2024-04-04 | 2026-06-17 |