This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.
There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.
We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.
If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!
1. CVE-2025-55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
https://nvd.nist.gov/vuln/detail/CVE-2025-55182
2. CVE-2025-59718
An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.
https://nvd.nist.gov/vuln/detail/CVE-2025-59718
3. CVE-2025-42880
An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.
https://nvd.nist.gov/vuln/detail/CVE-2025-42880
4. CVE-2025-62557
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://nvd.nist.gov/vuln/detail/CVE-2025-62557
5. CVE-2025-61808
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://nvd.nist.gov/vuln/detail/CVE-2025-61808
6. CVE-2025-59719
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://nvd.nist.gov/vuln/detail/CVE-2025-59719
7. CVE-2025-62221
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://nvd.nist.gov/vuln/detail/CVE-2025-62221
8. CVE-2025-55754
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://nvd.nist.gov/vuln/detail/CVE-2025-55754
9. CVE-2025-62554
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://nvd.nist.gov/vuln/detail/CVE-2025-62554
10. CVE-2025-42928
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://nvd.nist.gov/vuln/detail/CVE-2025-42928