EUVD-2025-205559

A flaw has been found in Open5GS up to 2.7.5. This affects the function decodeipv6header/ogspfcppdrrulefindbypacket of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing manipulation can lead to reachable assertion. It is possible to launch the...

Debian dla-4424 : libopenjp2-7 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4424 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4424-1 [email protected] https://www.debian.org/lts/security/...

PT-2025-53614

Name of the Vulnerable Software and Affected Versions Eigent version 0.0.60 Description Eigent is a multi-agent Workforce platform. A 1-click Remote Code Execution RCE issue exists in version 0.0.60, allowing an attacker to execute arbitrary code on a victim’s machine or server through a specific...

CVE-2025-15097 Alteryx Server status improper authentication

A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

PT-2025-53435

Name of the Vulnerable Software and Affected Versions Alteryx Server versions prior to 2023.1.1.13.486 Alteryx Server versions prior to 2023.2.1.10.293 Alteryx Server versions prior to 2024.1.1.9.236 Alteryx Server versions prior to 2024.2.1.6.125 Alteryx Server versions prior to 2025.1.1.1.31...

Exploit for CVE-2025-68613

CVE-2025-68613 n8n is an open source workflow automation plat...

SUSE CVE-2025-14956

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

PT-2025-52744

Name of the Vulnerable Software and Affected Versions Product Delivery Date for WooCommerce – Lite versions through 2.7.0 Description A security issue exists in Tyche softwares Product Delivery Date for WooCommerce – Lite. The description does not provide specific details about the nature of the...

PT-2025-52770

Name of the Vulnerable Software and Affected Versions Linksys E5600 version 1.1.0.26 Description The Linksys E5600 router firmware version 1.1.0.26 contains a command injection issue in the runtime.macClone function. The issue is triggered via the mc.ip parameter. Recommendations Update to a newe...

EUVD-2025-204618

n8n Vulnerable to Remote Code Execution via Expression Injection...

CVE-2025-68613 n8n Vulnerable to Remote Code Execution via Expression Injection

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution RCE vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated...

CVE-2025-14953

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

MAL-2025-192640 Malicious code in tailwind-animationbased (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac7eef2c8a93c095a7c203eb12ac4dab149ff712b00eef96d4a8febb468710f0 The package tailwind-animationbased was found to contain malicious code. Source: ghsa-malware...

CVE-2025-14909

A weakness has been identified in JeecgBoot up to 3.9.0. The impacted element is the function SysUserOnlineController of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java. Executing manipulation can lead to mana...

EUVD-2025-204432

A weakness has been identified in JeecgBoot up to 3.9.0. The impacted element is the function SysUserOnlineController of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java. Executing manipulation can lead to mana...

CVE-2025-14909 JeecgBoot SysUserOnlineController.java SysUserOnlineController user session

A weakness has been identified in JeecgBoot up to 3.9.0. The impacted element is the function SysUserOnlineController of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java. Executing manipulation can lead to mana...

PT-2025-52483

Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.5 Description A flaw exists in Open5GS impacting the ogs pfcp handle create pdr function within the lib/pfcp/handler.c library of the FAR-ID Handler component. This can lead to a null pointer dereference, potentially...

CVE-2025-68145

In mcp-server-git versions prior to 2025.12.17, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repopath arguments in subsequent tool calls were actually within that configured path. This could allow tool calls t...

CVE-2025-14693

A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed directly on the physical device. The exploit has been disclosed to the public and may be used. It i...

CVE-2025-14691

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...