CVE Alert: CVE-2025-51865
Vulnerability Summary: CVE-2025-51865 Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference (IDOR),...
Month: July 2025
CVE Alert: CVE-2025-51864
Vulnerability Summary: CVE-2025-51864 A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to...
CVE Alert: CVE-2025-51859
Vulnerability Summary: CVE-2025-51859 Stored Cross-Site Scripting (XSS) vulnerability in Chaindesk thru 2025-05-26 in its agent chat component. An attacker can...
[INCRANSOM] – Ransomware Victim: Sementes Jotabasso
Ransomware Group: INCRANSOM VICTIM NAME: Sementes Jotabasso NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2025-8018
Vulnerability Summary: CVE-2025-8018 A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical....
CVE Alert: CVE-2025-8015
Vulnerability Summary: CVE-2025-8015 The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
CVE Alert: CVE-2025-35966
Vulnerability Summary: CVE-2025-35966 A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg Comdb2 8.1....
CVE Alert: CVE-2025-36520
Vulnerability Summary: CVE-2025-36520 A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message functionality of Bloomberg Comdb2 8.1....
CVE Alert: CVE-2025-51863
Vulnerability Summary: CVE-2025-51863 Self Cross Site Scripting (XSS) vulnerability in ChatGPT Unli (ChatGPTUnli.com) thru 2025-05-26 allows attackers to execute arbitrary...
CVE Alert: CVE-2025-36512
Vulnerability Summary: CVE-2025-36512 A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction...
CVE Alert: CVE-2025-51480
Vulnerability Summary: CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted...
CVE Alert: CVE-2025-46354
Vulnerability Summary: CVE-2025-46354 A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1....
CVE Alert: CVE-2025-48498
Vulnerability Summary: CVE-2025-48498 A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1 when processing...
CVE Alert: CVE-2025-51463
Vulnerability Summary: CVE-2025-51463 Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary files to the server's...
HackerOne Bug Bounty Disclosure: gnutls-curlinfo-tls-session-curlinfo-tls-ssl-ptr-type-confusion-nyymi
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:nyymiLink to Submitters Profile:https://hackerone.com/nyymi Report Title:GnuTLS CURLINFO_TLS_SESSION / CURLINFO_TLS_SSL_PTR type confusionReport Link:https://hackerone.com/reports/3261248Date...
HackerOne Bug Bounty Disclosure: mint-oauth-access-token-for-targeted-user-timothyleung
Company Name: GitLab Company HackerOne URL: https://hackerone.com/gitlab Submitted By:timothyleungLink to Submitters Profile:https://hackerone.com/timothyleung Report Title:Mint Oauth2 access token for targeted userReport...
[NITROGEN] – Ransomware Victim: Palm Bay International
Ransomware Group: NITROGEN VICTIM NAME: Palm Bay International NOTE: No files or stolen information are by RedPacket Security. Any legal...
[AKIRA] – Ransomware Victim: OKA
Ransomware Group: AKIRA VICTIM NAME: OKA NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[AKIRA] – Ransomware Victim: Reimo
Ransomware Group: AKIRA VICTIM NAME: Reimo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[EVEREST] – Ransomware Victim: Vantage Finance
Ransomware Group: EVEREST VICTIM NAME: Vantage Finance NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[EVEREST] – Ransomware Victim: APL
Ransomware Group: EVEREST VICTIM NAME: APL NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[EVEREST] – Ransomware Victim: Watchfinder & Co
Ransomware Group: EVEREST VICTIM NAME: Watchfinder & Co NOTE: No files or stolen information are by RedPacket Security. Any legal...
[QILIN] – Ransomware Victim: DelCampo
Ransomware Group: QILIN VICTIM NAME: DelCampo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-8019
Vulnerability Summary: CVE-2025-8019 A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected...
