NVD disclosure day
CVE-2025-68613
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in n8n's workflow automation platform allows authenticated attackers to execute arbitrary code. This could lead to full compromise of the affected instance, including unauthorized access to sensitive data and modification of workflows, posing a significant business risk.
CVE-2025-1928
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A critical vulnerability in the Restajet Online Food Delivery System allows unauthorized account access by exploiting excessive authentication attempts during password recovery. The system is publicly accessible and can be targeted remotely by unauthenticated attackers, potentially leading to the compromise of sensitiv
CVE-2025-14847
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
Mismatched length fields in MongoDB Server's Zlib compressed protocol headers can permit an unauthenticated client to read uninitialized heap memory. This impacts data confidentiality and presents a business risk of unauthorized information exposure. Organizations should identify affected instances and apply vendor upd
CVE-2025-14733
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in WatchGuard Fireware OS allows remote code execution through its VPN services. This affects organizations using Mobile User VPN or Branch Office VPN with IKEv2 and a dynamic gateway peer. Exploitation could lead to data compromise and service disruption.