New assessment for topic: CVE-2025-47171

Topic description: "Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally. ..."

"# Titles: Microsoft Outlook Remote Code Execution Vulnerability - RCE ..."

Link: https://attackerkb.com/assessments/34aa8491-16dd-409f-8756-8a2511f13250

New assessment for topic: CVE-2025-25257

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"Based upon the [technical analysis](https://labs.watchtowr.com/pre-auth-sql-injection-to-rce-fortinet-fortiweb-fabric-connector-cve-2025-25257/) by watchTowr, CVE-2025-25257 is an unauthenticated SQLi vulnerability that can be leveraged to achieve RCE with root privileges ..."

Link: https://attackerkb.com/assessments/1ee1ba51-2399-4e33-b559-c4a4f3383eda

New assessment for topic: CVE-2025-6543

Topic description: "Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server ..."

"The vendor [advisory](https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788) reported this as exploited in the wild prior to a patch being available, so an unknown threat actor was exploiting this as zero day vulnerability ..."

Link: https://attackerkb.com/assessments/1bebcdc8-a8b1-448c-9ef8-4bcf53928fde

New assessment for topic: CVE-2025-32756

Topic description: "A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie. ..."

"Based on the analysis by [Horizion3](https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/), we know this is an unauthenticated stack-based buffer overflow, affecting multiple Fortinet products; including FortiVoice, FortiRecorder, FortiNDR, FortiMail, and FortiCamera ..."

Link: https://attackerkb.com/assessments/48ad8648-f6c7-4bac-b3ec-1da270661584

New assessment for topic: CVE-2024-21888

Topic description: "A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator ..."

"The vendor [advisory](https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US) has indicated that this local privilege escalation vulnerability is located in the web component of Ivanti Connect Secure (ICS) ..."

Link: https://attackerkb.com/assessments/7ab4a4c3-68b5-42d8-bafa-e883d50b31ec

New assessment for topic: CVE-2024-50623

Topic description: "In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. ..."

"CVE-2024-50623 allows a remote unauthenticated attacker to both read arbitrary files from the target system and write arbitrary files to the target system ..."

Link: https://attackerkb.com/assessments/7aeff546-d30d-404c-9041-514368e07737

New assessment for topic: CVE-2025-5777

Topic description: "Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server ..."

"Based on two public analysis of this vulnerability ([here](https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/) and [here](https://horizon3.ai/attack-research/attack-blogs/cve-2025-5777-citrixbleed-2-write-up-maybe/)) we know an unauthenticated HTTP POST request to the `/p/u/doAuthentication.do` endpoint, that contains a HTTP form parameter with a name `login` and no value set, will force uninitialized memory to be disclosed in the HTTP response ..."

Link: https://attackerkb.com/assessments/f090e341-069f-42b0-aae6-a43626520938

New assessment for topic: CVE-2025-49677

Topic description: "Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. ..."

"This Proof of Concept (PoC) demonstrates an interactive SYSTEM shell exploit for CVE-2025-49677. ..."

Link: https://attackerkb.com/assessments/e6760ca6-2993-4378-a1ee-6629776b3f1a

New assessment for topic: CVE-2025-47176

Topic description: "'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. ..."

"This proof-of-concept (PoC) demonstrates the CVE-2025-47176 vulnerability simulation ..."

Link: https://attackerkb.com/assessments/3a4dccb4-b3ba-4472-b456-ee48151c7a73

New assessment for topic: CVE-2024-12632

Topic description: "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER ..."

"CVE-2024-12632 was initially assigned to an unauthenticated RCE vuln affecting Cleo Harmony, VLTrader, and LexiCom ..."

Link: https://attackerkb.com/assessments/6622d406-d786-4c93-8b21-e0eb4111928c

New assessment for topic: CVE-2025-47812

Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."

"On June 30, 2025 a detailed [technical analysis](https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/) of CVE-2025-47812 was published by the original finders, RCE Security ..."

Link: https://attackerkb.com/assessments/87c68e69-b095-4e8e-be12-22b17a329c9c

New assessment for topic: CVE-2025-32462

Topic description: "Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. ..."

"A lot of noise for medium local elevation of privilege (LEoP) that will impact very few real-life targets with non-default configurations using host specific rules. ..."

Link: https://attackerkb.com/assessments/4a82b217-70c7-415d-a0d9-fb5a3486d120

New assessment for topic: CVE-2024-51978

Topic description: "An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device ..."

"[Rapid7 disclosed](https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed/) this authentication bypass vulnerability on June 25, 2025 ..."

Link: https://attackerkb.com/assessments/8284a3e4-8c92-4a24-9c5c-e7bf8de063fe

New assessment for topic: CVE-2025-5306

Topic description: "Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection ..."

"In June 2025, PandoraFMS released a fix for the LTS version, which addresses a recent vulnerability, CVE-2025-5306, authenticated command injection in Netflow functionality ..."

Link: https://attackerkb.com/assessments/df7f187c-1624-40cb-bdaa-1c22c2b8d45f

New assessment for topic: CVE-2021-25094

Topic description: "The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory ..."

"Based on [technical analysis](https://darkpills.com/wordpress-tatsu-builder-preauth-rce-cve-2021-25094/), the `Attacker Value` of the vulnerability is **high** because it's a popular WordPress plugin that has been exploited in the wild ..."

Link: https://attackerkb.com/assessments/d28b05a0-23ee-4941-8c91-824c01b64b44

New assessment for topic: CVE-2025-47165

Topic description: "Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. ..."

"# Titles: Microsoft Excel LTSC Professional Pilus 2021 - Microsoft® Word LTSC MSO (16.0.14334.20090) 64-bit - Remote Code Execution Bypass - ZIP (RCE) ..."

Link: https://attackerkb.com/assessments/1160a1ba-f757-485a-b938-37fc088197ef

New assessment for topic: CVE-2025-47957

Topic description: "Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. ..."

"# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af ..."

Link: https://attackerkb.com/assessments/4f9ad32a-1fc4-440e-b270-9d21cce44bf0

New assessment for topic: CVE-2025-4653

Topic description: "Improper Neutralization of Special Elements in the backup name field may allow OS command injection ..."

"I recently opened another box of Pandora ;-) and found some vulnerabilities. ..."

Link: https://attackerkb.com/assessments/5b2df46c-e99c-4e86-8fe9-22b639c85a47

New assessment for topic: CVE-2025-27751

Topic description: "Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. ..."

"# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af ..."

Link: https://attackerkb.com/assessments/aad43a7e-ca5a-469b-8fa7-b041e4b0861f

New assessment for topic: CVE-2025-33053

Topic description: "External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. ..."

"CVE-2025-33053 is a zero-day vulnerability that enables remote code execution (RCE) through abuse of how Windows processes resolve executable paths relative to the working directory ..."

Link: https://attackerkb.com/assessments/31876429-6c7c-4d98-9458-6805bedbbb56