CVE-2026-47777

Mastodon is a free, open-source social network server based on ActivityPub. In versions there is a missing condition in the check if remote accounts consented to be featured in a remote Collection could lead to attackers bypassing the check and faking consent. An attacker could forge the...

CVE-2025-4232

An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root...

CVE-2025-4232

CVE-2025-4232 (Palo Alto Networks GlobalProtect on macOS) is an privilege-escalation flaw in the log collection feature caused by improper neutralization of wildcards. The issue affects GlobalProtect app versions on macOS prior to 6.2.8-h2 (and 6.3.x prior to 6.3.3 per Nessus plugin) and can allo...

PT-2025-25235 · Palo Alto Networks · Globalprotect

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect versions prior to 6.2.8-h2 on macOS Description: An improper neutralization of wildcards vulnerability in the log collection feature of the Palo Alto Networks GlobalProtect app on macOS allows a...

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...