CVE Alert: CVE-2025-2571
Vulnerability Summary: CVE-2025-2571 Mattermost versions 10.7.x
Month: May 2025
CVE Alert: CVE-2025-1792
Vulnerability Summary: CVE-2025-1792 Mattermost versions 10.7.x
CVE Alert: CVE-2025-4598
Vulnerability Summary: CVE-2025-4598 A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to...
CVE Alert: CVE-2025-0602
Vulnerability Summary: CVE-2025-0602 A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through...
CVE Alert: CVE-2025-48331
Vulnerability Summary: CVE-2025-48331 Insertion of Sensitive Information Into Sent Data vulnerability in Vanquish WooCommerce Orders & Customers Exporter allows Retrieve...
CVE Alert: CVE-2024-7097
Vulnerability Summary: CVE-2024-7097 An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin...
CVE Alert: CVE-2025-4984
Vulnerability Summary: CVE-2025-4984 A stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x...
CVE Alert: CVE-2025-4983
Vulnerability Summary: CVE-2025-4983 A stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x...
CVE Alert: CVE-2025-3611
Vulnerability Summary: CVE-2025-3611 Mattermost versions 10.7.x
CVE Alert: CVE-2024-7096
Vulnerability Summary: CVE-2024-7096 A privilege escalation vulnerability exists in multiple products due to a business logic flaw in SOAP admin...
[DEVMAN] – Ransomware Victim: lantro[.]com
Ransomware Group: DEVMAN VICTIM NAME: lantrocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
HackerOne Bug Bounty Disclosure: public-github-repositories-for-multiple-hackerone-managed-triage-team-profiles-contain-private-hackerone-reports-information-w-w
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:w2wLink to Submitters Profile:https://hackerone.com/w2w Report Title:Public GitHub repositories for multiple HackerOne managed...
[QILIN] – Ransomware Victim: radicon
Ransomware Group: QILIN VICTIM NAME: radicon NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[STORMOUS] – Ransomware Victim: Volkswagen Group
Ransomware Group: STORMOUS VICTIM NAME: Volkswagen Group NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
BugCrowd Bug Bounty Disclosure: P5 – RXSS On https://www1-2-pz.sewp.nasa.gov/ – asjadbutt
RXSS On https://www1-2-pz.sewp.nasa.gov/ RXSS On https://www1-2-pz.sewp.nasa.gov/ Researcher: asjadbutt Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program Disclosed...
BugCrowd Bug Bounty Disclosure: P5 – Apollo 13 Onboard Voice Transcription for Potential Data Exposure – suyashksawant
Apollo 13 Onboard Voice Transcription for Potential Data Exposure Apollo 13 Onboard Voice Transcription for Potential Data Exposure Researcher: suyashksawant...
CVE Alert: CVE-2025-4989
Vulnerability Summary: CVE-2025-4989 A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release...
CVE Alert: CVE-2025-4991
Vulnerability Summary: CVE-2025-4991 A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x...
CVE Alert: CVE-2025-3230
Vulnerability Summary: CVE-2025-3230 Mattermost versions 10.7.x
CVE Alert: CVE-2025-4992
Vulnerability Summary: CVE-2025-4992 A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE...
CVE Alert: CVE-2025-4990
Vulnerability Summary: CVE-2025-4990 A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through...
CVE Alert: CVE-2024-42191
Vulnerability Summary: CVE-2024-42191 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an...
CVE Alert: CVE-2025-4988
Vulnerability Summary: CVE-2025-4988 A stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in Multidisciplinary Optimization Engineer from Release 3DEXPERIENCE R2022x...
CVE Alert: CVE-2024-23589
Vulnerability Summary: CVE-2024-23589 Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using...
