Our Vulnerability Research

Common Vulnerabilities and Exposures

SAP security alert for CVE-2025-24870 indicating a critical threat level for insecure secrets management exposing plaintext credentials and access to banking transactions and enterprise data.

What This Vulnerability Research Portfolio Represents

Discoveries That Matter

Our vulnerability research team reverse engineers your enterprise software to find the 0-days that threaten your infrastructure - before attackers do.

Enterprise Focus

The vulnerabilities below affect systems organizations use: SAP. IBM. Check Point. F5. BMC. Microsoft. Rapid7. CyberArk.


Current Research

We identified a wide range of CVEs across various industries - each vulnerability has been assigned a threat level ranging from critical to low. We pride ourselves on beating others to identify critical CVEs in large infrastructure for organisations such as IBM and Microsoft.

CVE-2025-4081
Threat level
High

TCC bypass via dylib substitution in DaVinci Resolve allows malicious applications to access protected system resources

CVE-2025-3864
Threat level
Medium

Connection pool exhaustion in Hackney HTTP client library allows remote attackers to cause denial of service

CVE-2025-36857
Threat level
Medium

Broken access control in Rapid7 AppSpider Pro < 7.5.021 allows standard users to place configuration files in directories belonging to other users/projects, potentially overriding security settings

CVE-2025-25242
Threat level
Medium

Cross-site scripting in SAP NetWeaver Application Server ABAP allows injection of malicious scripts into web interfaces

CVE-2025-24870
Threat level
High

Insecure key and secret management in SAP GUI stores encryption keys in recoverable format allowing credential theft

CVE-2025-22274
Threat level
Medium

HTML injection in CyberArk Endpoint Privilege Manager allows attackers to inject arbitrary HTML content

CVE-2025-22273
Threat level
Medium

Missing rate limiting on password change in CyberArk EPM allows brute-force attacks against user accounts

CVE-2025-22272
Threat level
Medium

Self-reflected XSS in CyberArk Endpoint Privilege Manager allows script execution via crafted requests

CVE-2025-22271
Threat level
Medium

IP spoofing vulnerability in CyberArk Endpoint Privilege Manager allows attackers to bypass IP-based access controls

CVE-2025-22270
Threat level
Medium

Stored cross-site scripting in CyberArk Endpoint Privilege Manager allows persistent script injection in management console

CVE-2025-22165
Threat level
High

Local privilege escalation in Atlassian Sourcetree for Mac allows local attackers to execute arbitrary code with elevated privileges

CVE-2025-2098
Threat level
High

Dylib hijacking in Fast CAD Reader allows local attackers to execute arbitrary code by placing malicious libraries

CVE-2025-1983
Threat level
Medium

Cross-site scripting in Ready_ Symfonia eDokumenty document management system allows injection of malicious scripts

CVE-2025-1982
Threat level
High

Local file inclusion in Ready_ Symfonia eDokumenty allows attackers to read arbitrary files from the server filesystem

CVE-2025-1981
Threat level
High

SQL injection in Ready_ Symfonia eDokumenty allows attackers to execute arbitrary SQL queries against the backend database

We map your systems before testing how they break.

That's why critical findings usually show up outside the original scope - attackers don't respect scope documents.

Security Assessment Services FAQ

Questions enterprise security teams ask before partnering with AFINE for security assessments.

Is AFINE ISO 27001 certified and what compliance frameworks do you support?

Yes, AFINE is ISO 27001 certified. Beyond certification, we maintain operational security excellence built through 10 years of enterprise work. Our security assessment services support DORA, PCI DSS, SOC 2, ISO 27001, TIBER-EU, NESA, and FCA compliance. We've conducted hundreds of assessments for regulated institutions like PKO BP, ING Bank, and BGK.

What certifications and specialized expertise does the AFINE team hold?

Every team member holds at minimum an OSCP or eWPTX certification. Our researchers average 7-10 years of offensive security experience with OSCE, OSWE, OSED, OSEP, CRTO, CSSA, CISSP, CISA, and BSCP certifications. We've published CVEs in SAP, Microsoft, CyberArk, Palo Alto, F5, IBM, and other enterprise software.

What makes AFINE different from other penetration testing vendors?

We've published 150+ CVEs in enterprise software and understand how attackers exploit complex systems beyond automated scanning. Our manual testing finds business logic flaws and attack chains others miss. Isabel Group confirmed we "keep finding critical issues where other pentesters have not found them." Our 10-year exclusive focus on banking, critical infrastructure, and healthcare environments means we understand compliance and production system safety.