CVE-2025-53944 AutoGPT Platform Exposes Graph Execution Results via Authorization Gap
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents. In v0.6.15 and below, the external API's get_graph_execution_results endpoint has an authorization bypass vulnerability. While it correctly validates user access to the graph_id, it fails ...
CVE-2025-53357
GLPI (Gestionnaire Libre de Parc Informatique) is affected in versions 0.78–10.0.18, where a connected user can alter another user’s reservations. The issue is fixed in version 10.0.19. Affected products: GLPI Asset/IT Management software; impact: permission/reservation modification by an authent...
CVE-2025-54572 Ruby SAML DOS vulnerability with large SAML response
The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64...
CVE-2025-54410 Moby's Firewalld reload removes bridge network isolation
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...
CGA-JR8J-X3QR-2M8J
Bulletin has no description...
RHSA-2025:12275 Red Hat Security Advisory: glib2 security update
Bulletin has no description...
RHSA-2025:12241 Red Hat Security Advisory: libxml2 security update
Bulletin has no description...
RHSA-2025:12234 Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update
Bulletin has no description...
RHSA-2025:12112 Red Hat Security Advisory: libtpms security update
Bulletin has no description...
RHSA-2025:12111 Red Hat Security Advisory: libtpms security update
Bulletin has no description...
RHSA-2025:12099 Red Hat Security Advisory: libxml2 security update
Bulletin has no description...
RHSA-2025:12020 Red Hat Security Advisory: python-setuptools security update
Bulletin has no description...
RHSA-2025:12036 Red Hat Security Advisory: sqlite security update
Bulletin has no description...
RHSA-2025:12013 Red Hat Security Advisory: rsync security update
Bulletin has no description...
CGA-6GF6-VG3P-J4RQ
Bulletin has no description...
CVE-2025-43227
This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information...
CVE-2025-43212
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash...
JVN#90566559: Apache Jena Fuseki vulnerable to path traversal
Jena Fuseki provided by The Apache Software Foundation contains the following vulnerability. Path traversal (CWE-22). CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.1. CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Base Score 2.7. CVE-2025-49656. Impact: A remote...
PT-2025-31385 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.1.0 through 10.0.18. Description: GLPI is an Asset and IT Management Software package. An unauthenticated user can send a malicious link to attempt a phishing attack from the planning feature. Recommendations: Update to version...
CVE-2025-31277
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...