NVD disclosure day

Published threat advisories for September 3, 2025

CVE-2025-53690

Sitecore Products Vulnerable to Code Injection.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Certain Sitecore products face a code injection risk due to a vulnerability in handling untrusted data. This could allow unauthorized code execution, impacting business operations.

NVD published: September 3, 2025 • CISA KEV

CVE advisoryCRITICAL

CVE-2025-1740

Akinsoft MyRezzta Authentication Bypass and Password Recovery Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Akinsoft MyRezzta allows for authentication bypass, potentially enabling unauthorized access and password recovery through brute force. This issue could expose sensitive system and user data if the application is reachable. It is important to confirm if this technology is in use and exposed to unders

NVD published: September 3, 2025