PULSE
LIVE12signals / 24h
FEED
ransomkrybit reclama a euroins.bg · BG · Financial Servicesransomnova reclama a FMZ Tecnologia em Sistemas · BR · Technologyransomqilin reclama a Heartland Catfish · US · Agriculture and Food Productionransomqilin reclama a Salina Supply · US · Business Servicesransomqilin reclama a St Martha Catholic Church · US · Consumer Servicesransomqilin reclama a The Nueva School · US · Educationransomdragonforce reclama a NewNet · SA · Telecommunicationransomqilin reclama a Sicc · IT · Not Foundransomqilin reclama a KLD Labs · US · Technologyransomqilin reclama a Armara · FR · Not Foundransomqilin reclama a AK Preparedness · Business Servicesransomthreeam reclama a tws-tac.net · DE · Not Foundransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomkrybit reclama a euroins.bg · BG · Financial Servicesransomnova reclama a FMZ Tecnologia em Sistemas · BR · Technologyransomqilin reclama a Heartland Catfish · US · Agriculture and Food Productionransomqilin reclama a Salina Supply · US · Business Servicesransomqilin reclama a St Martha Catholic Church · US · Consumer Servicesransomqilin reclama a The Nueva School · US · Educationransomdragonforce reclama a NewNet · SA · Telecommunicationransomqilin reclama a Sicc · IT · Not Foundransomqilin reclama a KLD Labs · US · Technologyransomqilin reclama a Armara · FR · Not Foundransomqilin reclama a AK Preparedness · Business Servicesransomthreeam reclama a tws-tac.net · DE · Not Foundransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technology
← All CVEs
CVE WatchJul 5, 2026

CVE-2025-65854

Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute arbitrary commands and execute a full acco

CVSS

9.8

Critical

EPSS

0.4%

p35

KEV

Exploit Today

10

0-100

Published: Dec 12, 2025 · Last modified: Jul 5, 2026 · CWE-94

EPSS · 30d
0.4%EPSS · 30 days0.5%
2026-06-302026-07-18
Technical description

Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute arbitrary commands and execute a full account takeover.

Official references
Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-32489.8 CRI
100.0%
KEV80Langflow Missing Authentication Vulnerability4d
CVE-2026-341978.8 HIG
99.9%
KEV80Apache ActiveMQ Improper Input Validation Vulnerability4d
CVE-2026-154107.2 HIG
71.1%
KEV71SonicWall SMA1000 Appliances Code Injection Vulnerability3d
CVE-2025-670389.8 CRI
55.3%
KEV67Lantronix EDS5000 Code Injection Vulnerability13d
CVE-2021-416539.8 CRI
99.5%
30The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.10d
CVE-2023-362558.8 HIG
99.0%
30An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL.10d