Reports
Threat Exposure Management Bytes

Top Notable Enterprise Remote Vulnerabilities

28-03-2025
A concise overview for IS leaders, emphasizing actively exploited vulnerabilities, their significance, and the critical need for remediation.
Download PDF
Subscribe
Currently Trending Enterprise Remote Vulnerabilities
Trending CVEs
Vulnerability
Notables
CVE-2025-29927
Vulnerability
Next.js Authorization Bypass
Notables
Proof of Concept Available, Actively Exploited
CVE-2024-10441
Vulnerability
Synology RCE
Notables
Limited Public Information Available
CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974
Vulnerability
Kubernetes Ingress-Nginx RCE (aka Ingress Nightmare)
Notables
Proof of Concept Available, Actively Exploited
CVE-2024-10553
Vulnerability
h2oai/h2o-3 REST API RCE
Notables
Limited Public Information Available
CVE-2024-47552
Vulnerability
Apache Seata Insecure Deserialization
Notables
Potential Risk of Exploitation
CVE-2024-42533
Vulnerability
Convivance StandVoice SQLi
Notables
Limited Public Information Available
CVE-2025-2319
Vulnerability
Shortcode Widget WordPress Plugin CSRF
Notables
Limited Public Information Available
CVE-2025-26137
Vulnerability
Systemic Risk Value LFI
Notables
Limited Public Information Available
CVE-2024-53678
Vulnerability
Apache VCL SQLi
Notables
Potential Risk of Exploitation
CVE-2025-2825
Vulnerability
CrushFTP Unauthenticated Access
Notables
Potential Risk of Exploitation
CVE-2025-26512
Vulnerability
NetApp SnapCenter Privilege Escalation
Notables
Potential Risk of Exploitation
CVE-2021-35587
Vulnerability
Oracle Fusion Middleware Server Takeover
Notables
Actively Exploited by Threat Actors
CVE-2025-30208
Vulnerability
Vite Dev Server LFI
Notables
Proof of Concept Available, Actively Exploited
CVE-2025-56325
Vulnerability
Apache Pinot Authentication Bypass
Notables
Potential Risk of Exploitation
CVE-2025-30154
Vulnerability
reviewdog/action‑setup GitHub Action Embedded Malicious Code
Notables
Potential Risk of Exploitation
CVE-2025-30772
Vulnerability
WooCommerce WPClever Missing Authorization
Notables
Limited Public Information Available
CVE-2025-30232
Vulnerability
Exim Privilege Escalation
Notables
Limited Public Information Available
CVE-2025-30353
Vulnerability
Directus Webhook Sensitive Data Exposure
Notables
Potential Risk of Exploitation
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Monitoring
AI/ML Assisted Discovery & Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Products

Continuous Threat Exposure Management
Vendor Security Management

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2024 NST Cyber Inc. All Rights Reserved.
Privacy Policy