Cisco Identity Services Engine (ISE) is a network administration and security platform that provides secure access control, device profiling, and policy enforcement. It enables organizations to manage network access across wired, wireless, and VPN connections while ensuring compliance with security policies.

Cisco ISE

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.

This vulnerability exists because credentials are improperly generated when Cisco ISE is being deployed on cloud platforms, resulting in different Cisco ISE deployments sharing the same credentials. These credentials are shared across multiple Cisco ISE deployments as long as the software release and cloud platform are the same. An attacker could exploit this vulnerability by extracting the user credentials from Cisco ISE that is deployed in the cloud and then using them to access Cisco ISE that is deployed in other cloud environments through unsecured ports. A successful exploit could allow the attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.
Note: If the Primary Administration node is deployed in the cloud, then Cisco ISE is affected by this vulnerability. If the Primary Administration node is on-premises, then it is not affected.

CVE-2025-20286

Linux

Linux Kernel

Grafana is an open-source visualization and analytics software. It allows you to query, visualize, alert on, and explore your metrics and time-series database (TSDB) data.

Grafana

AlmaLinux OS is an open-source, community-driven Linux operating system that fills the gap left by the discontinuation of the CentOS Linux stable release. AlmaLinux OS is a 1:1 binary compatible fork of RHEL®, guided and built by the community.

Alma Linux

Alibaba Cloud Linux (Aliyun Linux) OS is an open-source Linux distribution originated by the Alibaba Operating System team, aiming to deliver OS services with various functionalities, high performance, and stability to Alibaba Cloud Elastic Compute Service (ECS) customers.

Alibaba Cloud Linux (Aliyun Linux)

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Oracle Linux is a Linux distribution packaged and freely distributed by Oracle, available partially under the GNU General Public License since late 2006. It is compiled from Red Hat Enterprise Linux source code, replacing Red Hat branding with Oracle's.

Linux Oracle

A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is installed, it is possible to exploit the open redirect to achieve a full read SSRF.

The default Content-Security-Policy (CSP) in Grafana will block the XSS though the `connect-src` directive.

CVE-2025-4123

AlmaLinux

AlmaLinux Security Advisory

GoLang

GitHub Advisory Database

Red Hat

Red Hat Errata

Windows

Windows Cumulative Update

Versa Concerto is a cloud-native security platform that provides comprehensive network security and SD-WAN capabilities. It offers integrated security features such as next-generation firewall, intrusion prevention, and secure web gateway. Versa Concerto enables organizations to implement zero-trust network access and secure connectivity across distributed environments.

Versa concerto

The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code execution or direct host access depending on the host operating system configuration.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

CVE-2025-34025

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The Spack upload endpoint can be leveraged for a Time-of-Check to Time-of-Use (TOCTOU) write in combination with a race condition to achieve remote code execution via path loading manipulation, allowing an unauthenticated actor to achieve remote code execution (RCE).This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

CVE-2025-34027

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

CVE-2025-34026

WordPress is a content management system paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system, referred to within WordPress as Themes.

WordPress

The Art Theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'arttheme_theme_option_restore' AJAX function in all versions up to, and including, 3.12.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete the theme option.

CVE-2025-1778

The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'ux_cb_page_options_save' function in all versions up to, and including, 3.16.2.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-1777

The Short URL WordPress plugin through 1.6.8 does not properly sanitise and escape a parameter before using it in SQL statement, leading to a SQL injection exploitable by users with relatively low privilege on the site, like subscribers.

CVE-2023-2921

PHP is a general-purpose scripting language that is especially suited for web development.

**Overview**
The Auth0 Symfony SDK contains a critical vulnerability due to insecure deserialization of cookie data. If exploited, since SDKs process cookie content without prior authentication, a threat actor could send a specially crafted cookie containing malicious serialized data.
**Am I Affected?**
You are affected by this vulnerability if you meet the following preconditions:
1. Applications using the Auth0 Symfony SDK, versions between 5.0.0 BETA-0 to 5.0.0. 
2. Auth0 Symfony SDK uses the Auth0-PHP SDK with version 8.0.0-BETA3 to 8.3.0.
**Fix**
Upgrade Auth0/symfony to the latest version (v5.4.0).
**Acknowledgement**
Okta would like to thank Andreas Forsblom for discovering this vulnerability.

GHSA-98j6-67v3-mw34

Composer

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-20286	CRITICAL	9.9	Cisco ISE	cpe:2.3:a:cisco:identity_services_engine	No	No	Jun 04, 2025
CVE-2025-4123	HIGH	7.6	Grafana	N/A	No	Yes	May 22, 2025
CVE-2025-34025	HIGH	8.6	Versa concerto	cpe:2.3:a:versa-networks:concerto	No	No	May 21, 2025
CVE-2025-34027	CRITICAL	10	Versa concerto	cpe:2.3:a:versa-networks:concerto	No	No	May 21, 2025
CVE-2025-34026	CRITICAL	9.2	Versa concerto	cpe:2.3:a:versa-networks:concerto	No	No	May 21, 2025

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-1778	MEDIUM	4.3	WordPress	N/A	No	Yes	Jun 06, 2025
CVE-2025-1777	MEDIUM	6.4	WordPress	N/A	No	Yes	Jun 06, 2025
CVE-2023-2921	N/A	N/A	WordPress	N/A	No	No	Jun 06, 2025
GHSA-98j6-67v3-mw34	CRITICAL	9.3	PHP	auth0/symfony	No	Yes	Jun 06, 2025
CVE-2025-5745	MEDIUM	5.6	Linux Debian	glibc	No	No	Jun 05, 2025

Wiz Vulnerability Database

Explore by technology

Popular filters

High Profile

Most Recent

Vulnerabilities by the numbers

The good, the bad, and the vulnerable

Additional Wiz resources

Cloud Vulnerability DB

Cloud threat landscape

PEACH

Ready to see Wiz in action?