GoAnywhere MFT is a secure managed file transfer (MFT) software solution that allows businesses to securely exchange files with trading partners, customers, and internal systems.

GoAnywhere MFT

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

CVE-2025-10035

Linux

Linux Kernel

Windows

Windows Cumulative Update

A cloud-native network security solution that provides enterprise-grade security features including firewall, IPS, antivirus, and VPN capabilities for cloud environments. WatchGuard Firebox Cloud is designed to protect workloads running in public cloud platforms like AWS and Azure, offering unified security management and policy enforcement across hybrid infrastructures.

WatchGuard Firebox

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.

CVE-2025-9242

The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.

CVE-2025-59361

GoLang

GitHub Advisory Database

Citrix ADC is an application delivery controller that analyzes application-specific traffic to distribute, optimize, and secure Layer 4-Layer 7 (L4–L7) network traffic intelligently for web applications.

Citrix ADC VPX

Citrix ADC CPX is a container-based application delivery controller that can be provisioned on a Docker host. Citrix ADC CPX enables customers to leverage Docker engine capabilities and use Citrix ADC load balancing and traffic management features for container-based applications.

Citrix ADC CPX

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers 

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers

(OR)

CR virtual server with type HDX

CVE-2025-7775

Docker Desktop is an application for MacOS and Windows machines, aimed at developers and system administrators. It enables them to build and share containerized applications and microservices. Docker Desktop includes Docker Engine, Docker CLI, Docker Compose, and is fully integrated with the machine’s filesystem and networking.

Docker Desktop

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled.
This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.

CVE-2025-9074

C# is a general-purpose, multi-paradigm programming language encompassing strong typing, lexically scoped, imperative, declarative, functional, generic, object-oriented (class-based), and component-oriented programming disciplines.

## Summary
Users can use special syntax to inject javascript code in their profile biography field. Although there was sanitization in place, it did not cover all possible scenarios
## Description
When embedding information in the `Biography` field, even if that field is not rich-text, users could inject javascript code that would run in the context of the website and to any other user that can view the profile including administrators and/or superusers.

GHSA-7rcc-q6rq-jpcm

NuGet

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.1.0, arbitrary themes can be loaded through query parameters. If an installed theme had a vulnerability, even if it was not used on any page, this could be loaded on unsuspecting clients without knowledge of the site owner. This issue has been patched in version 10.1.0.

CVE-2025-59535

JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

Codex CLI is a coding agent from OpenAI that runs locally. In versions 0.2.0 to 0.38.0, due to a bug in the sandbox configuration logic, Codex CLI could treat a model-generated cwd as the sandbox’s writable root, including paths outside of the folder where the user started their session. This logic bypassed the intended workspace boundary and enables arbitrary file writes and command execution where the Codex process has permissions - this did not impact the network-disabled sandbox restriction. This issue has been patched in Codex CLI 0.39.0 that canonicalizes and validates that the boundary used for sandbox policy is based on where the user started the session, and not the one generated by the model. Users running 0.38.0 or earlier should update immediately via their package manager or by reinstalling the latest Codex CLI to ensure sandbox boundaries are enforced. If using the Codex IDE extension, users should immediately update to 0.4.12 for a fix of the sandbox issue.

CVE-2025-59532

Linux openSUSE

Alpine Linux is a Linux distribution based on musl and BusyBox, designed for security, simplicity, and resource efficiency.

Linux Alpine

When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.

CVE-2025-47910

Alpine

Alpine Security Tracker

Flowise is an open-source UI visual tool for building customized LLM flows. It allows users to drag and drop components to create AI workflows, chatbots, and agents. Flowise provides a user-friendly interface to design and deploy AI applications without extensive coding knowledge.

Flowise

Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-10035	CRITICAL	10	GoAnywhere MFT	cpe:2.3:a:fortra:goanywhere_managed_file_transfer	No	Yes	Sep 18, 2025
CVE-2025-9242	CRITICAL	9.3	WatchGuard Firebox	cpe:2.3:o:watchguard:fireware	No	Yes	Sep 17, 2025
CVE-2025-59361	CRITICAL	9.8	N/A	github.com/chaos-mesh/chaos-mesh	No	Yes	Sep 15, 2025
CVE-2025-7775	CRITICAL	9.2	Citrix ADC VPX	cpe:2.3:a:citrix:netscaler_application_delivery_controller	Yes	Yes	Aug 26, 2025
CVE-2025-9074	CRITICAL	9.3	Docker Desktop	cpe:2.3:a:docker:desktop	No	Yes	Aug 20, 2025

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
GHSA-7rcc-q6rq-jpcm	MEDIUM	6.3	C#	DotNetNuke.Core	No	Yes	Sep 22, 2025
CVE-2025-59535	MEDIUM	6.5	C#	DotNetNuke.Core	No	Yes	Sep 22, 2025
CVE-2025-59532	HIGH	8.6	JavaScript	@openai/codex	No	Yes	Sep 22, 2025
CVE-2025-47910	N/A	N/A	Linux openSUSE	go1.25	No	Yes	Sep 22, 2025
CVE-2025-59528	CRITICAL	10	Flowise	flowise	No	Yes	Sep 22, 2025

Wiz Vulnerability Database

Explore by technology

Popular filters

High Profile

Most Recent

Vulnerabilities by the numbers

The good, the bad, and the vulnerable

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?