CVE-2025-67446

creationtimestamp| type| source ---|---|--- 2026-06-04 22:01:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnimr26bvw2p...

CVE-2025-71316 SQLite sqldiff remote code execution via argument injection

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

ROOT-APP-NPM-CVE-2025-25290 CVE-2025-25290 in @rootio/octokit__request - Patched by Root

Root has patched CVE-2025-25290 in the @rootio/octokitrequest package for Root:npm. Multiple fixed versions available...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

CVE-2025-46638

Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service DoS...

ROOT-APP-NPM-CVE-2025-25288 CVE-2025-25288 in @rootio/octokit__plugin-paginate-rest - Patched by Root

Root has patched CVE-2025-25288 in the @rootio/octokitplugin-paginate-rest package for Root:npm. Multiple fixed versions available...

CVE-2025-69649 vulnerabilities

Vulnerabilities for packages: binutils...

CVE-2025-52612

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters...

CVE-2025-52609

HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting XSS attacks by enabling the built-in XSS filtering mechanisms of modern web browsers...

CVE-2025-59874

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

CVE-2025-59874 HCL Hive Telco Observability is affected by  a Required directives missing from the CSP .

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

ROOT-APP-NPM-CVE-2025-1302 CVE-2025-1302 in @rootio/jsonpath-plus - Patched by Root

Root has patched CVE-2025-1302 in the @rootio/jsonpath-plus package for Root:npm. Multiple fixed versions available...

CVE-2025-52609

Technical details about CVE-2025-52609 are not publicly available in the provided documents. Monitor for updates from vendors and advisories; current descriptions indicate a Missing Security Headers/XSS issue but no concrete affected versions or fixes.

ROOT-APP-MAVEN-CVE-2025-41234 CVE-2025-41234 in io.root.org.springframework:spring-web - Patched by Root

Root has patched CVE-2025-41234 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Security Bulletin: A vulnerability has been identified in the Netty framework used by IBM DevOps Plan (CVE-2025-58057)

Summary A vulnerability has been identified in the Netty framework used by IBM DevOps Plan. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients...

ROOT-APP-MAVEN-CVE-2025-59419 CVE-2025-59419 in io.root.io.netty:netty-codec-smtp - Patched by Root

Root has patched CVE-2025-59419 in the io.root.io.netty:netty-codec-smtp package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2025-67735 CVE-2025-67735 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2025-67735 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

Stop User Enumeration WordPress plugin - Authentication Bypass

Stop User Enumeration WordPress plugin 1.7.3 contains an authentication bypass caused by URL-encoding the REST API path /wp-json/wp/v2/users/, letting attackers bypass user enumeration restrictions, exploit requires crafted URL encoding. id: CVE-2025-4302 info: name: Stop User Enumeration WordPre...

MapTiler Tileserver-php v2.0 - Unauthenticated File Read

MapTiler Tileserver-php v2.0 contains a directory traversal caused by improper sanitization of GET parameters in renderTile function, letting attackers read arbitrary files on the server, exploit requires crafted web requests id: CVE-2025-44137 info: name: MapTiler Tileserver-php v2.0 -...