3 matches found
CVE-2025-40649
creationtimestamp| type| source ---|---|--- 2025-10-07 13:09:20+00:00| seen| Telegram/d5XgdaJOPCkyW9RmVIFfCHU75Ys-P0782b-FSUKfbZhh8YY...
CVE-2025-40649
Stored XSS in BBMRI-ERIC Negotiator v3.15.2 due to insufficient validation of user-supplied data in the text parameter of POST /api/v3/negotiations//posts. A remote attacker could craft input to exfiltrate or steal the cookie session details of an authenticated user. The issue is concrete in the ...
MAL-2025-40649 Malicious code in yucca-yonder-gvs577-project (npm)
The package yucca-yonder-gvs577-project was found to contain malicious code...