Top Notable Enterprise Remote Vulnerabilities
28-03-2025
A concise overview for IS leaders, emphasizing actively exploited vulnerabilities, their significance, and the critical need for remediation.
Currently Trending Enterprise Remote Vulnerabilities
| Trending CVEs | Vulnerability | Notables |
| --- | --- | --- |
| CVE-2025-29927 | Next.js Authorization Bypass | Proof of Concept Available, Actively Exploited |
| CVE-2024-10441 | Synology RCE | Limited Public Information Available |
| CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974 | Kubernetes Ingress-Nginx RCE (aka Ingress Nightmare) | Proof of Concept Available, Actively Exploited |
| CVE-2024-10553 | h2oai/h2o-3 REST API RCE | Limited Public Information Available |
| CVE-2024-47552 | Apache Seata Insecure Deserialization | Potential Risk of Exploitation |
| CVE-2024-42533 | Convivance StandVoice SQLi | Limited Public Information Available |
| CVE-2025-2319 | Shortcode Widget WordPress Plugin CSRF | Limited Public Information Available |
| CVE-2025-26137 | Systemic Risk Value LFI | Limited Public Information Available |
| CVE-2024-53678 | Apache VCL SQLi | Potential Risk of Exploitation |
| CVE-2025-2825 | CrushFTP Unauthenticated Access | Potential Risk of Exploitation |
| CVE-2025-26512 | NetApp SnapCenter Privilege Escalation | Potential Risk of Exploitation |
| CVE-2021-35587 | Oracle Fusion Middleware Server Takeover | Actively Exploited by Threat Actors |
| CVE-2025-30208 | Vite Dev Server LFI | Proof of Concept Available, Actively Exploited |
| CVE-2025-56325 | Apache Pinot Authentication Bypass | Potential Risk of Exploitation |
| CVE-2025-30154 | reviewdog/action-setup GitHub Action Embedded Malicious Code | Potential Risk of Exploitation |
| CVE-2025-30772 | WooCommerce WPClever Missing Authorization | Limited Public Information Available |
| CVE-2025-30232 | Exim Privilege Escalation | Limited Public Information Available |
| CVE-2025-30353 | Directus Webhook Sensitive Data Exposure | Potential Risk of Exploitation |