Common Vulnerabilities and Exposures (CVE)

CVE-2025-5518

Jun 5, 2026 14:16:30 UTC

Authorization Bypass Through User-Controlled Key vulnerability with user privileges in ArgusTech BILGER allows Exploitation of Trusted Identifiers. This issue affects BILGER: before 2.4.6.

CVE-2026-11220

Jun 5, 2026 14:16:14 UTC

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severit...

CVE-2025-5519

Jun 5, 2026 14:15:00 UTC

Insertion of Sensitive Information Into Sent Data vulnerability in ArgusTech BILGER allows Choosing Message Identifier. This issue affects BILGER: before 2.4.6.

CVE-2025-5681

Jun 5, 2026 14:13:48 UTC

Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows Exploitation of Trusted Identifiers. This issue affects Eyotek: before 23.06.2025.

CVE-2026-11221

Jun 5, 2026 14:13:02 UTC

Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity...

CVE-2026-11222

Jun 5, 2026 14:11:36 UTC

Incorrect security UI in Tab Strip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

CVE-2025-5997

Jun 5, 2026 14:09:21 UTC

Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse. This issue affects PhishPro: before 7.5.4.2.

CVE-2025-6060

Jun 5, 2026 14:08:04 UTC

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in DECE Software Geodi allows Cross-Site Scripting (XSS). This issue affects Geodi: before GEODI Setup 9.0.146.

CVE-2025-6175

Jun 5, 2026 14:07:12 UTC

Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi allows HTTP Request Splitting. This issue affects Geodi: before GEODI Setup 9.0.146.

CVE-2025-6396

Jun 5, 2026 14:06:07 UTC

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webbeyaz Website Design Website Software allows Cross-Site Scripting (XSS). This issue affects Website Software: through 2025.07.1...

CVE-2025-6397

Jun 5, 2026 14:04:57 UTC

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026.  NOTE...

CVE-2025-6520

Jun 5, 2026 14:03:31 UTC

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Abis Technology BAPSIS allows Blind SQL Injection. This issue affects BAPSIS: before 202510271606.

CVE-2025-6575

Jun 5, 2026 14:02:33 UTC

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dolusoft Omaspot allows Reflected XSS. This issue affects Omaspot: before 12.09.2025.

CVE-2025-6830

Jun 5, 2026 14:01:35 UTC

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpoda Türkiye Information Technology Inc. Password Module allows SQL Injection. This issue affects Password Module: through 11022026.

CVE-2025-6918

Jun 5, 2026 14:00:39 UTC

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ncvav Virtual PBX Software allows SQL Injection. This issue affects Virtual PBX Software: before 09.07.2025.