CVE-2025-48073

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a...

CVE-2025-26062

creationtimestamp| type| source ---|---|--- 2025-07-31 20:02:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvbwj2tzva2z 2025-08-01 07:31:49+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lvd524rvw42e...

WordPress Auteur Framework plugin <= 7.1 - Missing Authorization to Authenticated (Subscriber+) Settings Updates vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Updates vulnerability discovered by Lucio Sá in WordPress Plugin Auteur Framework versions = 7.1...

libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

CVE-2025-48074

creationtimestamp| type| source ---|---|--- 2025-07-31 15:11:06+00:00| published-proof-of-concept| https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf 2025-08-01 19:07:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvedwm6nf32l...

CVE-2025-48073

creationtimestamp| type| source ---|---|--- 2025-07-31 15:10:03+00:00| published-proof-of-concept| https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-qhpm-86v7-phmm 2025-08-01 00:02:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvcdwlpcda2c...

CVE-2025-8401

creationtimestamp| type| source ---|---|--- 2025-07-31 14:02:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvbcgcuof42z...

CVE-2025-43234

creationtimestamp| type| source ---|---|--- 2025-07-31 12:47:22+00:00| seen| https://bsky.app/profile/basefortify.bsky.social/post/3lvb67d4has2e 2026-04-02 22:18:54+00:00| seen| Telegram/FPW4mPTw7L13FkaJiOQGC-q2hCdFUIx-Y-hbJT-Oh6Uj0...

CVE-2025-7205

creationtimestamp| type| source ---|---|--- 2025-07-31 11:20:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvazefk7na2p...

CVE-2025-49084

creationtimestamp| type| source ---|---|--- 2025-07-31 00:36:09+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lv7vboy2pma2 2025-07-31 03:32:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lva7a5fewj2c...

CVE-2025-44137

MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of "../" and thus read any file on the web...

PT-2025-31520 · Undefined · Undefined

CVE-2025-7356 Rejected reason https://t.co/I9AXYWTXil...

PT-2025-31513 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The description indicates a rejected reason of 'Not used', suggesting the reported issue was deemed invalid or not applicable. No further details about the nature of the issue ar...

CVE-2025-54581

creationtimestamp| type| source ---|---|--- 2025-07-30 23:47:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv7sndhtr32z...

CVE-2025-43245

creationtimestamp| type| source ---|---|--- 2025-07-30 21:42:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv7lmzfbws2s...

CVE-2025-54576

An authentication bypass flaw was found in the OAuth2-Proxy project. This bypass affects systems that have configured their deployment to skip authentication on endpoints that match a deployment-defined regular expression. HTTP parameters can be used to match and trigger the authentication bypass...

CVE-2024-45955

creationtimestamp| type| source ---|---|--- 2025-07-30 20:47:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv7il2o7yw2p...

CVE-2025-54388

A firewall state management issue was found in the Moby project. When the firewalld service is reloaded, it removes all iptables rules, including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block...

CVE-2025-50578

creationtimestamp| type| source ---|---|--- 2025-07-30 17:22:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv7542hzfa2e 2025-07-31 06:01:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lvahjpj4uq2h 2026-04-01 05:00:11+00:00| confirmed|...

CVE-2025-50578

LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically X-Forwarded-Host and Referer. An unauthenticated remote attacker can manipulate these headers to perform Host Header Injection and Open Redirect attacks. This allows the loading...