CVE-2026-25957

creationtimestamp| type| source ---|---|--- 2026-02-10 00:40:05+00:00| seen| https://gist.github.com/alon710/03f3dd771bb5d3bbd35120e8ce57c5b1...

@cubejs-backend/server (>=1.1.2 <=1.4.1), @cubejs-backend/testing-drivers (>=1.1.2 <=1.4.1) potentially affected by CVE-2026-25957 via @cubejs-backend/server-core (>=1.1.17 <=1.4.1)

@cubejs-backend/server-core NPM version =1.1.17, =1.1.2, =1.1.2, =1.4.1 Source cves: CVE-2026-25957 Source advisory: OSV:GHSA-9VPH-2HVM-X66G...

@cubejs-backend/server (>=1.5.0 <=1.5.12), @cubejs-backend/testing-drivers (>=1.5.0 <=1.5.12) potentially affected by CVE-2026-25957 via @cubejs-backend/server-core (>=1.5.0 <=1.5.12)

@cubejs-backend/server-core NPM version =1.5.0, =1.5.0, =1.5.0, =1.5.12 Source cves: CVE-2026-25957 Source advisory: OSV:GHSA-9VPH-2HVM-X66G...

@cubejs-backend/server (>=1.5.0 <=1.5.12), @cubejs-backend/server-core (>=1.5.0 <=1.5.12) +1 more potentially affected by CVE-2026-25957 via @cubejs-backend/api-gateway (>=1.5.0 <=1.5.12)

@cubejs-backend/api-gateway NPM version =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.12 Source cves: CVE-2026-25957 Source advisory: SNYK:JS-CUBEJSBACKENDAPIGATEWAY-15265448...

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

EUVD-2023-32732

Malicious code in bioql PyPI...

CVE-2021-25957

In “Dolibarr” application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for a forgotten password...

CVE-2025-25957

creationtimestamp| type| source ---|---|--- 2025-02-20 23:17:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4839 2025-02-21 00:53:51+00:00| seen| https://t.me/cvedetector/18605...

CVE-2025-25957

Cross Site Scripting vulnerabilities in Xunruicms v.4.6.3 and before allows a remote attacker to escalate privileges via a crafted script...

CVE-2025-25957

CVE-2025-25957 affects Xunruicms up to version 4.6.3. The issue is a Cross Site Scripting vulnerability that allows a remote attacker to escalate privileges via a crafted script. Root cause is a XSS in the Xunruicms core/exposed components (per multiple sources). Impact stated as privilege escala...

CVE-2025-25957

Cross Site Scripting vulnerabilities in Xunruicms v.4.6.3 and before allows a remote attacker to escalate privileges via a crafted script...

CVE-2024-25957

creationtimestamp| type| source ---|---|--- 2025-01-28 19:17:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3275...

CVE-2024-25957

Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync...

CVE-2024-25957

Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync...

Authentication flaw

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.3 = V1.16.4 = V2.3.0 = V2.2.0 = V3.3.1 = V3.1.9 = V3.3.0 = V3.1.8 = V3.3.1 = V3.3.0 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow...

CVE-2023-25957

creationtimestamp| type| source ---|---|--- 2023-03-30 20:00:06+00:00| seen| https://t.me/icscert/726...

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

CVE-2023-25957

Summary: CVE-2023-25957 affects Mendix SAML modules across multiple tracks/versions (e.g., Mendix 7/8/9, various upgrade/new tracks). The core issue is that SAML assertions are insufficiently verified, enabling unauthenticated remote attackers to bypass authentication and access the application. ...

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...