CVEs classified under CWE-84, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2025-58444: The MCP inspector is a developer tool for testing and debugging MCP servers. A cross-site scripting issue was reported in versions of the…
CVE-2024-52890 — CVSS 6.1 (medium): IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of…
CVE-2025-25329 — CVSS 5.5 (medium): An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision iOS 8.137.0 allows attackers to access sensitive user…
CVE-2025-25334 — CVSS 5.5 (medium): An issue in Suning Commerce Group Suning EMall iOS 9.5.198 allows attackers to access sensitive user information via supplying a crafted…
CVE-2025-25331 — CVSS 5.5 (medium): An issue in Beitatong Technology LianJia iOS 9.83.50 allows attackers to access sensitive user information via supplying a crafted link.
CVE-2025-25330 — CVSS 5.5 (medium): An issue in Boohee Technology Boohee Health iOS 13.0.13 allows attackers to access sensitive user information via supplying a crafted link.
CVE-2025-25326 — CVSS 5.5 (medium): An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user…
CVE-2025-25325 — CVSS 5.5 (medium): An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information via…
CVE-2025-25324 — CVSS 5.5 (medium): An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access sensitive user information via supplying a…
CVE-2025-25323 — CVSS 5.5 (medium): An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user…
CVE-2024-42184 — CVSS 2.5 (low): BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to…