CVE

CVE Alert: CVE-2025-53097

June 28, 2025

Vulnerability Summary: CVE-2025-53097 Roo Code is an AI-powered autonomous coding agent. Prior to version 3.20.3, there was an issue where...

CVE Alert: CVE-2025-48923

June 28, 2025

Vulnerability Summary: CVE-2025-48923 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Toc.Js allows Cross-Site Scripting...

CVE Alert: CVE-2025-48922

June 28, 2025

Vulnerability Summary: CVE-2025-48922 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal GLightbox allows Cross-Site Scripting...

CVE Alert: CVE-2025-48921

June 28, 2025

Vulnerability Summary: CVE-2025-48921 Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affects Open...

CVE Alert: CVE-2025-52573

June 28, 2025

Vulnerability Summary: CVE-2025-52573 iOS Simulator MCP Server (ios-simulator-mcp) is a Model Context Protocol (MCP) server for interacting with iOS simulators....

CVE Alert: CVE-2025-5966

June 28, 2025

Vulnerability Summary: CVE-2025-5966 Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments...

CVE Alert: CVE-2025-6677

June 28, 2025

Vulnerability Summary: CVE-2025-6677 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Paragraphs table allows Cross-Site...

CVE Alert: CVE-2025-6676

June 28, 2025

Vulnerability Summary: CVE-2025-6676 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Simple XML sitemap allows...

CVE Alert: CVE-2025-6695

June 28, 2025

Vulnerability Summary: CVE-2025-6695 A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This issue affects some unknown...

CVE Alert: CVE-2025-6694

June 28, 2025

Vulnerability Summary: CVE-2025-6694 A vulnerability has been found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This vulnerability affects unknown...

CVE Alert: CVE-2025-5682

June 28, 2025

Vulnerability Summary: CVE-2025-5682 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Klaro Cookie & Consent...

CVE Alert: CVE-2025-6675

June 27, 2025

Vulnerability Summary: CVE-2025-6675 Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal...

CVE Alert: CVE-2025-6707

June 27, 2025

Vulnerability Summary: CVE-2025-6707 Under certain conditions, an authenticated user request may execute with stale privileges following an intentional change by...

CVE Alert: CVE-2025-6710

June 27, 2025

Vulnerability Summary: CVE-2025-6710 MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON...

CVE Alert: CVE-2025-6709

June 27, 2025

Vulnerability Summary: CVE-2025-6709 The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific...

CVE Alert: CVE-2025-6674

June 27, 2025

Vulnerability Summary: CVE-2025-6674 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal CKEditor5 Youtube allows Cross-Site...

CVE Alert: CVE-2025-29331

June 27, 2025

Vulnerability Summary: CVE-2025-29331 An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code...

CVE Alert: CVE-2025-6706

June 27, 2025

Vulnerability Summary: CVE-2025-6706 An authenticated user may trigger a use after free that may result in MongoDB Server crash and...

CVE Alert: CVE-2025-53002

June 27, 2025

Vulnerability Summary: CVE-2025-53002 LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in...

CVE Alert: CVE-2024-56915

June 27, 2025

Vulnerability Summary: CVE-2024-56915 Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting (XSS) via the RSS...

CVE Alert: CVE-2025-52902

June 27, 2025

Vulnerability Summary: CVE-2025-52902 File Browser provides a file managing interface within a specified directory and it can be used to...

CVE Alert: CVE-2025-6696

June 27, 2025

Vulnerability Summary: CVE-2025-6696 A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been classified as problematic. Affected is an...

CVE Alert: CVE-2025-6697

June 27, 2025

Vulnerability Summary: CVE-2025-6697 A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been declared as problematic. Affected by this...

CVE Alert: CVE-2025-52887

June 27, 2025

Vulnerability Summary: CVE-2025-52887 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers...

CVE

CVE Alert: CVE-2025-53097

CVE Alert: CVE-2025-48923

CVE Alert: CVE-2025-48922

CVE Alert: CVE-2025-48921

CVE Alert: CVE-2025-52573

CVE Alert: CVE-2025-5966

CVE Alert: CVE-2025-6677

CVE Alert: CVE-2025-6676

CVE Alert: CVE-2025-6695

CVE Alert: CVE-2025-6694

CVE Alert: CVE-2025-5682

CVE Alert: CVE-2025-6675

CVE Alert: CVE-2025-6707

CVE Alert: CVE-2025-6710

CVE Alert: CVE-2025-6709

CVE Alert: CVE-2025-6674

CVE Alert: CVE-2025-29331

CVE Alert: CVE-2025-6706

CVE Alert: CVE-2025-53002

CVE Alert: CVE-2024-56915

CVE Alert: CVE-2025-52902

CVE Alert: CVE-2025-6696

CVE Alert: CVE-2025-6697

CVE Alert: CVE-2025-52887

HackerOne Bug Bounty Disclosure: curl-easy-header-runs-at-o-n-or-worse-and-can-be-abused-to-use-minute-s-of-cpu-time-wolfsage

HackerOne Bug Bounty Disclosure: curl-oj-allows-creating-custom-curlrc-file-which-allows-exfiltrating-private-data-among-other-things-wolfsage

HackerOne Bug Bounty Disclosure: heap-buffer-overflow-vulnerability-in-conncache-c-incorrect-use-of-pointer-arrays-resulting-in-out-of-bounds-memory-writes-freak-coding

HackerOne Bug Bounty Disclosure: http-proxy-bypass-via-curlopt-customrequest-verb-tunneling-alphox

HackerOne Bug Bounty Disclosure: arbitrary-file-read-via-file-path-traversal-with-path-as-is-demsese

You may have missed