EUVD-2025-14198

Malicious code in bioql PyPI...

CVE-2025-47424

Retool self-hosted before 3.196.0 allows Host header injection. When the BASEDOMAIN environment variable is not set, the HTTP host header can be manipulated...

Retool 安全漏洞

Retool is a platform from Retool, Inc. Any content can be developed using the code, design, debug, review, and deploy features. A security vulnerability exists in Retool versions prior to 3.196.0 that stems from host header injection allowed when the BASEDOMAIN environment variable is not set...

CVE-2025-47424

CVE-2025-47424 affects Retool (self-hosted) prior to 3.196.0. The underlying issue is a Host header injection when BASE_DOMAIN is not set, allowing manipulation of the HTTP Host header. The vulnerability is described with a potential impact on confidentiality/integrity (per the CVSS metrics) and ...

Retool 安全漏洞

Retool is a platform from Retool, Inc. It is possible to develop any content using the code, design, debug, review and deploy features. A security vulnerability exists in Retool version 3.40.0 and prior versions that stems from resource authentication credentials being inserted into sent data...