Publicly disclosed vulnerabilities discovered by or reported to Fluid Attacks

Search by term

Search filters

Discovered by

All

Severity

All

Our pentesters

OpenSupports 4.11.0 — SSRF via test imap and smtp endpoints

6.9

Medium

CVE-2025-10695

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

MacForge 1.2.0 Beta 1 - Local Privilege Escalation

8.5

High

CVE-2025-10751

Published date:

Oct 3, 2025

Discovered by

Oscar Uribe

Our pentesters

OpenSupports 4.11.0 — Insecure Direct Object Reference in supervised list

7.1

High

CVE-2025-10696

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

OpenSupports 4.11.0 — SQL Injection

7.1

High

CVE-2025-10692

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

is-localhost-ip 2.0.0 - SSRF via Restrictions bypass

6.9

Medium

CVE-2025-9960

Published date:

Sep 22, 2025

Discovered by

Cristian Vargas

Our pentesters

Ghost 6.0.6 - SSRF via oEmbed Bookmark

6.1

Medium

CVE-2025-9862

Published date:

Sep 17, 2025

Discovered by

Cristian Vargas

External pentesters

Calix Gigacenter ONT - Command Injection

8.5

High

CVE-2025-54084

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

External pentesters

Calix GigaCenter ONT firmware - Sensitive Information Disclosure

5.1

Medium

CVE-2025-54083

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

Load more

Search by term

Search filters

Discovered by

All

Severity

All

Our pentesters

OpenSupports 4.11.0 — SSRF via test imap and smtp endpoints

6.9

Medium

CVE-2025-10695

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

MacForge 1.2.0 Beta 1 - Local Privilege Escalation

8.5

High

CVE-2025-10751

Published date:

Oct 3, 2025

Discovered by

Oscar Uribe

Our pentesters

OpenSupports 4.11.0 — Insecure Direct Object Reference in supervised list

7.1

High

CVE-2025-10696

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

OpenSupports 4.11.0 — SQL Injection

7.1

High

CVE-2025-10692

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

is-localhost-ip 2.0.0 - SSRF via Restrictions bypass

6.9

Medium

CVE-2025-9960

Published date:

Sep 22, 2025

Discovered by

Cristian Vargas

Our pentesters

Ghost 6.0.6 - SSRF via oEmbed Bookmark

6.1

Medium

CVE-2025-9862

Published date:

Sep 17, 2025

Discovered by

Cristian Vargas

External pentesters

Calix Gigacenter ONT - Command Injection

8.5

High

CVE-2025-54084

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

External pentesters

Calix GigaCenter ONT firmware - Sensitive Information Disclosure

5.1

Medium

CVE-2025-54083

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

Load more

Search by term

Search filters

Discovered by

All

Severity

All

Our pentesters

OpenSupports 4.11.0 — SSRF via test imap and smtp endpoints

6.9

Medium

CVE-2025-10695

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

MacForge 1.2.0 Beta 1 - Local Privilege Escalation

8.5

High

CVE-2025-10751

Published date:

Oct 3, 2025

Discovered by

Oscar Uribe

Our pentesters

OpenSupports 4.11.0 — Insecure Direct Object Reference in supervised list

7.1

High

CVE-2025-10696

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

OpenSupports 4.11.0 — SQL Injection

7.1

High

CVE-2025-10692

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

is-localhost-ip 2.0.0 - SSRF via Restrictions bypass

6.9

Medium

CVE-2025-9960

Published date:

Sep 22, 2025

Discovered by

Cristian Vargas

Our pentesters

Ghost 6.0.6 - SSRF via oEmbed Bookmark

6.1

Medium

CVE-2025-9862

Published date:

Sep 17, 2025

Discovered by

Cristian Vargas

External pentesters

Calix Gigacenter ONT - Command Injection

8.5

High

CVE-2025-54084

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

External pentesters

Calix GigaCenter ONT firmware - Sensitive Information Disclosure

5.1

Medium

CVE-2025-54083

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

Load more

Search by term

Search filters

Discovered by

All

Severity

All

Our pentesters

OpenSupports 4.11.0 — SSRF via test imap and smtp endpoints

6.9

Medium

CVE-2025-10695

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

MacForge 1.2.0 Beta 1 - Local Privilege Escalation

8.5

High

CVE-2025-10751

Published date:

Oct 3, 2025

Discovered by

Oscar Uribe

Our pentesters

OpenSupports 4.11.0 — Insecure Direct Object Reference in supervised list

7.1

High

CVE-2025-10696

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

OpenSupports 4.11.0 — SQL Injection

7.1

High

CVE-2025-10692

Published date:

Oct 3, 2025

Discovered by

Cristian Vargas

Our pentesters

is-localhost-ip 2.0.0 - SSRF via Restrictions bypass

6.9

Medium

CVE-2025-9960

Published date:

Sep 22, 2025

Discovered by

Cristian Vargas

Our pentesters

Ghost 6.0.6 - SSRF via oEmbed Bookmark

6.1

Medium

CVE-2025-9862

Published date:

Sep 17, 2025

Discovered by

Cristian Vargas

External pentesters

Calix Gigacenter ONT - Command Injection

8.5

High

CVE-2025-54084

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

External pentesters

Calix GigaCenter ONT firmware - Sensitive Information Disclosure

5.1

Medium

CVE-2025-54083

Published date:

Sep 9, 2025

Discovered by

Danilo Erazo

Load more

Learn about our policy for disclosing advisories of vulnerabilities in third-party, open-source products.

Start your 21-day free trial

Discover the benefits of our Continuous Hacking solution, which organizations of all sizes are already enjoying.

Start your 21-day free trial

Discover the benefits of our Continuous Hacking solution, which organizations of all sizes are already enjoying.

Start your 21-day free trial

Discover the benefits of our Continuous Hacking solution, which organizations of all sizes are already enjoying.

Fluid Attacks' solutions enable organizations to identify, prioritize, and remediate vulnerabilities in their software throughout the SDLC. Supported by AI, automated tools, and pentesters, Fluid Attacks accelerates companies' risk exposure mitigation and strengthens their cybersecurity posture.

Subscribe to our newsletter

Stay updated on our upcoming events and latest blog posts, advisories and other engaging resources.

© 2025 Fluid Attacks. We hack your software.

Fluid Attacks' solutions enable organizations to identify, prioritize, and remediate vulnerabilities in their software throughout the SDLC. Supported by AI, automated tools, and pentesters, Fluid Attacks accelerates companies' risk exposure mitigation and strengthens their cybersecurity posture.

Subscribe to our newsletter

Stay updated on our upcoming events and latest blog posts, advisories and other engaging resources.

© 2025 Fluid Attacks. We hack your software.

Fluid Attacks' solutions enable organizations to identify, prioritize, and remediate vulnerabilities in their software throughout the SDLC. Supported by AI, automated tools, and pentesters, Fluid Attacks accelerates companies' risk exposure mitigation and strengthens their cybersecurity posture.

Subscribe to our newsletter

Stay updated on our upcoming events and latest blog posts, advisories and other engaging resources.

© 2025 Fluid Attacks. We hack your software.