Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2025
CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability within the login-url parameter, allowing for Javascript execution.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-10-10
CVE-2025-11190
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-10-10
CVE-2025-11188
The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52634
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue affects HCL AION: 2.0.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52650
Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0
CVSS Score
8.2
EPSS Score
0.0
Published
2025-10-10
CVE-2025-37727
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
CVSS Score
5.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52630
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue affects AION: 2.0.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52632
A Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability in HCL AION.This issue affects AION: 2.0.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-10
CVE-2025-25018
Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)
CVSS Score
8.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-30001
Incorrect Execution-Assigned Permissions vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue.
CVSS Score
7.3
EPSS Score
0.002
Published
2025-10-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved