Pulse Connect Secure is a virtual private network (VPN) solution that allows businesses to secure their data communications. It provides secure, streamlined access to corporate resources and applications from any device.

Ivanti Connect Secure

Ivanti Policy Secure is a cloud-based security solution that offers reliable access control for networks and applications. It ensures consistent enforcement of compliance by automating authentication and compliance checks across enterprise networks. The software combines user profiling, device assessment, and network access policy implementation for comprehensive security control.

Ivanti Policy Secure

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

CVE-2025-22457

Linux

Linux Kernel

NGINX Ingress Controller for Kubernetes (community-driven) is an Ingress Controller that manages the routing of external traffic to services inside a Kubernetes cluster, acting as a reverse proxy and load balancer. Developed and maintained by the Kubernetes community, this controller offers a wide range of features for traffic routing, SSL termination, and load balancing.

Ingress NGINX Controller (community-driven)

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

CVE-2025-1974

GoLang

GitHub Advisory Database

Windows

Windows Cumulative Update

FortiOS is Fortinet's operating system. It is the foundation of the Fortinet Security Fabric, consolidating many technologies and use cases into a single policy and management framework. FortiOS provides the ability to control all the security and networking capabilities in all FortiGate devices across the entire network with one operating system.

FortiOS

FortiProxy is a secure web proxy that protects employees against internet-borne attacks by incorporating multiple detection techniques such as web and video filtering, DNS filtering, data loss prevention, antivirus, intrusion prevention, browser isolation, and advanced threat protection.

Fortinet FortiProxy

FortiGate Next Generation Firewall is a network security appliance by Fortinet.

FortiGate Next Generation Firewall (Virtual Appliance)

A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

CVE-2023-25610

JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

Next.js is a popular React-based framework for building server-side rendered and statically generated web applications. It provides a powerful set of features including automatic code splitting, optimized performance, and built-in routing.

Next.js

Next.js is a React framework for building full-stack web applications. Prior to 14.2.25 and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 14.2.25 and 15.2.3.

CVE-2025-29927

Anaconda

GitHub is a web-based Git repository hosting service, which offers all of the distributed revision control and source code management (SCM) functionality of Git, as well as adding its own features. Unlike Git, which is strictly a command-line tool, GitHub provides a web-based graphical interface and desktop as well as mobile integration.

GitHub

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use `reviewdog/action-setup@v1` that would also be compromised, regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos.

CVE-2025-30154

The OpenSSH client allows establishing secure and authenticated SSH connections to SSH servers.

OpenSSH

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

CVE-2025-32728

Red Hat

Linux Red Hat

Red Hat Errata

Python is a high-level, general-purpose programming language. Its key feature is the high readability of the code. It supports multiple programming paradigms, including Object-Oriented Programming (OOP) and Functional Programming.

Python

XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to 0.1.18, Xgrammar includes a cache for compiled grammars to increase performance with repeated use of the same grammar. This cache is held in memory. Since the cache is unbounded, a system making use of xgrammar can be abused to fill up a host's memory and case a denial of service. For example, sending many small requests to an LLM inference server with unique JSON schemas would eventually cause this denial of service to occur. This vulnerability is fixed in 0.1.18.

CVE-2025-32381

Rust is a multi-paradigm programming language focused on performance and safety, especially safe concurrency.

Rust

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router's usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively expensive to validate. This could lead to excessive resource consumption and denial of service.  Apollo Router's usage of Apollo Compiler has been updated so that validation logic processes each named fragment only once, preventing redundant traversal. This has been remediated in apollo-router versions 1.61.2 and 2.1.1.

CVE-2025-32380

Koa is expressive middleware for Node.js using ES2017 async functions. In koa < 2.16.1 and < 3.0.0-alpha.5, passing untrusted user input to ctx.redirect() even after sanitizing it, may execute javascript code on the user who use the app. This issue is patched in 2.16.1 and 3.0.0-alpha.5.

CVE-2025-32379

PHP is a general-purpose scripting language that is especially suited for web development.

Shopware is an open source e-commerce software platform. Prior to 6.6.10.3 or 6.5.8.17, the default settings for double-opt-in allow for mass unsolicited newsletter sign-ups without confirmation. Default settings are Newsletter: Double Opt-in set to active, Newsletter: Double opt-in for registered customers set to disabled, and Log-in & sign-up: Double opt-in on sign-up set to disabled. With these settings, anyone can register an account on the shop using any e-mail-address and then check the check-box in the account page to sign up for the newsletter. The recipient will receive two mails confirming registering and signing up for the newsletter, no confirmation link needed to be clicked for either. In the backend the recipient is set to “instantly active”. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-22457	CRITICAL	9.8	Ivanti Connect Secure	cpe:2.3:a:ivanti:policy_secure	Yes	Yes	Apr 03, 2025
CVE-2025-1974	CRITICAL	9.8	Ingress NGINX Controller (community-driven)	ingress-nginx-controller-1.12	No	Yes	Mar 25, 2025
CVE-2023-25610	CRITICAL	9.3	FortiOS	cpe:2.3:o:fortinet:fortios	No	Yes	Mar 24, 2025
CVE-2025-29927	CRITICAL	9.1	JavaScript	jitsucom-jitsu	No	Yes	Mar 21, 2025
CVE-2025-30154	HIGH	8.6	GitHub	N/A	Yes	No	Mar 19, 2025

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-32728	MEDIUM	N/A	OpenSSH	openssh	No	No	Apr 10, 2025
CVE-2025-32381	MEDIUM	N/A	Python	xgrammar	No	Yes	Apr 09, 2025
CVE-2025-32380	HIGH	N/A	Rust	apollo-router	No	Yes	Apr 09, 2025
CVE-2025-32379	MEDIUM	N/A	JavaScript	koa	No	Yes	Apr 09, 2025
CVE-2025-32378	MEDIUM	N/A	PHP	shopware/core	No	Yes	Apr 09, 2025

Wiz Vulnerability Database

Explore by technology

Popular filters

High Profile

Most Recent

Vulnerabilities by the numbers

The good, the bad, and the vulnerable

Additional Wiz resources

Cloud Vulnerability DB

Cloud threat landscape

PEACH

Ready to see Wiz in action?