33 matches found
CVE-2026-32625
creationtimestamp| type| source
---|---|---
2026-06-03 00:00:39+00:00| seen| https://infosec.exchange/users/offseq/statuses/116683232788673466
2026-06-03 00:00:39+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mndsj3gb3q24
2026-06-03 00:01:18+00:00| seen|...
CVE-2026-32625
LibreChat vulnerability CVE-2026-32625 affects versions up to 0.8.3 where MCP server URL validation expands ${VAR} against process.env during Zod schema checks. An authenticated user can configure a malicious MCP URL to exfiltrate secrets (CREDS_KEY, CREDS_IV, JWT_SECRET, MONGO_URI) to an attacke...
EUVD-2025-32625
Malicious code in bildgoogl npm...
CVE-2022-32625
In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ID: ALPS07326216...
CVE-2025-32625
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pootlepress Mobile Pages mobile-pages allows Reflected XSS. This issue affects Mobile Pages: from n/a through <= 1.0.2...
CVE-2025-32625
CVE-2025-32625 describes a reflected XSS vulnerability in WordPress Mobile Blocks (Mobile Pages) plugin/product “Mobile Blocks,” affecting versions from n/a up to 1.0.2. The connected Wordfence entry confirms the vulnerability class as Reflected Cross‑Site Scripting and lists the affected softwar...
WordPress Mobile Blocks Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Mobile Pages versions <= 1.0.2...
CVE-2024-32625 Uninitialized scalar field
In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations...
Amazon Linux 2 : redis (ALASREDIS6-2023-008)
The version of redis installed on the remote host is prior to 6.2.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-008 advisory. Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An...
BELL-CVE-2021-32625 CVE-2021-32625 does not affect BellSoft software
Bulletin has no description...
CVE-2023-32625
creationtimestamp| type| source
---|---|---
2023-07-21 07:33:33+00:00| seen| https://t.me/cibsecurity/67081...
CVE-2023-32625
Cross-site request forgery (CSRF) vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page...
CVE-2023-32625
The CVE-2023-32625 issue affects TS Webfonts for SAKURA (WordPress plugin) versions 3.1.2 and earlier. The root cause is insufficient CSRF protections in the plugin, enabling a remote attacker to trigger unauthorized actions when an administrator views a malicious page, effectively enabling setti...
JVN#90560760: Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"
WordPress Plugin "TS Webfonts for SAKURA" provided by SAKURA internet Inc. contains multiple vulnerabilities listed below.

Cross-site scripting (CWE-79) - CVE-2023-32624

Version| Vector| Score
---|---|---
CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1
CVSS v2|...
CVE-2022-32625
CVE-2022-32625 describes an out-of-bounds write caused by an incorrect bounds check in the display path, with potential local escalation to SYSTEM privileges and no user interaction required. Multiple connected sources reference MediaTek chips as affected and note the vulnerability’s impact on co...
SUSE SLES15 Security Update : redis (SUSE-SU-2021:2294-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:2294-1 advisory. - Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis...
openSUSE: Security Advisory for redis (openSUSE-SU-2021:2294-1)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...