Customer portal
CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 03 November 2025

by Amir Hadzipasic
November 3, 2025

 

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

 

 

1.  CVE-2025-59287

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

https://nvd.nist.gov/vuln/detail/CVE-2025-59287

 

 

2. CVE-2025-8088

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
from ESET.

https://nvd.nist.gov/vuln/detail/CVE-2025-8088

 

 

3. CVE-2025-24990

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-24990

 

 

4. CVE-2025-47827

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-47827

 

 

5. CVE-2025-59218

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59218

 

 

6. CVE-2025-59226

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59226

 

 

7. CVE-2025-59227

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59227

 

 

8. CVE-2025-59230

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59230

 

 

9. CVE-2025-59249

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59249

 

 

10. CVE-2025-59252

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

https://nvd.nist.gov/vuln/detail/CVE-2025-59252

 

cve chatter weekly top tenCVE intelligenceSOS Intelligence
Previous
The SOS Intelligence CVE Chatter Weekly Top Ten – 10 November 2025
Next
The SOS Intelligence CVE Chatter Weekly Top Ten –
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound
Save