ZDI-25-1202: (0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1201: (0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1200: (0Day) Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1199: (0Day) Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1198: Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1197: Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not... 31/12/2025 Zero-Day Initiative
ZDI-25-1196: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit... 31/12/2025 Zero-Day Initiative
MongoDB Memory Disclosure Vulnerability Under Active Exploitation (CVE-2025-14847) (MongoBleed) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a MongoDB vulnerability to its Known Exploited Vulnerabilities Catalog, acknowledging the active exploitation of the vulnerability. CISA... 30/12/2025 Qualys-Threat-Protect
ZDI-25-1195: (0Day) FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit... 30/12/2025 Zero-Day Initiative
ZDI-25-1194: (0Day) FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit... 30/12/2025 Zero-Day Initiative
