
6483 matches found

vulnersOsv
added 2025/12/09 5:42 p.m., 3 views

@nocobase/devtools (>=2.0.0-alpha.2 <=2.0.0-alpha.51), @nocobase/server (>=2.0.0-alpha.2 <=2.0.0-alpha.51) +1 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=2.0.0-alpha.2 <=2.0.0-alpha.51)

@nocobase/auth NPM version =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.51 Source cves: CVE-2025-13877 Source advisory: SNYK:JS-NOCOBASEAUTH-14287473...

CVSS 6.3, AI score 6.1, EPSS 0.0005
Exploits 0
vulnersOsv
added 2025/12/09 5:42 p.m., 2 views

@nocobase/devtools (>=2.0.0-alpha.2 <=2.0.0-alpha.51), @nocobase/server (>=2.0.0-alpha.2 <=2.0.0-alpha.51) +1 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=2.0.0-alpha.10 <=2.0.0-alpha.51)

@nocobase/auth NPM version =2.0.0-alpha.10, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.51 Source cves: CVE-2025-13877 Source advisory: OSV:GHSA-MV7P-34FV-4874...

CVSS 6.3, AI score 6.1, EPSS 0.0005
Exploits 0
RedhatCVE
added 2025/12/08 2:12 p.m., 2 views

CVE-2025-14192

A vulnerability was found in RashminDungrani online-banking up to 2337ad552ea9d385b4e07b90e6f32d011b7c68a2. This affects an unknown part of the file /site/dist/auth_login.php. Performing manipulation of the argument Username results in sql injection. The attack can be initiated remotely. The explo...

CVSS 7.5, AI score 7.3, EPSS 0.00026
Exploits 0, References 1
EUVD
added 2025/12/08 3:31 a.m., 5 views

EUVD-2023-60068

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq->cq_lock deadlock issue When ufshcd_err_handler is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcd_handle_mcq_cq_events and also in ufs_mtk_mcq_intr. The following...

AI score 5.6, EPSS 0.00026
Exploits 0, References 3
Packet Storm
added 2025/12/08 12:00 a.m., 141 views

Craft CMS 5.0 Logic Flaw

A flaw in the Craft CMS image transform endpoint allows an unauthenticated attacker to trigger backend processing without prior authentication. While the original Metasploit module targeted remote code execution, this proof of concept does not execute code, does not write files, and does not inje...

CVSS 10, AI score 7.8, EPSS 0.93094
Exploits 13
Vulnrichment
added 2025/12/07 1:32 p.m., 1 view

CVE-2025-14192 RashminDungrani online-banking auth_login.php sql injection

A vulnerability was found in RashminDungrani online-banking up to 2337ad552ea9d385b4e07b90e6f32d011b7c68a2. This affects an unknown part of the file /site/dist/auth_login.php. Performing manipulation of the argument Username results in sql injection. The attack can be initiated remotely. The explo...

CVSS 7.5, AI score 6.5, EPSS 0.00026
Exploits 0, References 4
CNNVD
added 2025/12/07 12:00 a.m., 3 views

Online Banking website using PHP SQL injection vulnerability

Online Banking website using PHP is an online banking website by Rashmin Personal Developer. A SQL injection vulnerability exists in Online Banking website using PHP, which stems from incorrect manipulation of the parameter Username in the file /site/dist/auth_login.php, which can lead to SQL...

CVSS 7.5, AI score 7.9, EPSS 0.00026
Exploits 0, References 5
GithubExploit
added 2025/12/06 11:54 p.m., 130 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 A modified and a...

CVSS 10, AI score 7.5, EPSS 0.83197
Exploits 364
GithubExploit
added 2025/12/05 11:26 p.m., 225 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 - React Server Components RCE Scanner !Severi...

CVSS 10, AI score 9, EPSS 0.83197
Exploits 364
Rapid7 Blog
added 2025/12/05 8:58 p.m., 23 views

Metasploit Wrap-Up 12/05/2025

Twonky Auth Bypass, RCEs and RISC-V Reverse Shell Payloads This was another fantastic week in terms of PR contribution to the Metasploit Framework. Rapid7’s very own Ryan Emmons recently disclosed CVE-2025-13315 and CVE-2025-13316 which exist in Twonky Server and allow decrypting admin credential...

CVSS 9.8, AI score 9, EPSS 0.85741
Exploits 8
RedhatCVE
added 2025/12/05 7:46 p.m., 5 views

CVE-2025-12819

Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious search_path parameter in the StartupMessage. Mitigation: Mitigation for this issue is either not available or the...

CVSS 8.1, AI score 7.8, EPSS 0.00185
Exploits 0, References 2
Microsoft CVE
added 2025/12/05 9:02 a.m., 3 views

Untrusted search path in auth_query connection in PgBouncer

...

CVSS 8.1, AI score 7, EPSS 0.00185
Exploits 0
Veracode
added 2025/12/05 8:14 a.m., 5 views

Authentication Bypass

better-auth is vulnerable to an Authentication Bypass. The vulnerability is due to improper handling of the userId field when no session exists, allowing attackers to supply a victim’s ID and have the server treat them as that user, enabling unauthenticated creation or modification of API keys an...

CVSS 9.3, AI score 7.1, EPSS 0.00204
Exploits 0, References 2, Affected Software 1
GithubExploit
added 2025/12/05 3:38 a.m., 147 views

Exploit for SQL Injection in Djangoproject Django

CTF Challenge: Django ORM Injection CVE-2025-64459 Catego...

CVSS 9.1, AI score 7.4, EPSS 0.00296
Exploits 10
Cvelist
added 2025/12/04 10:10 p.m., 15 views

CVE-2025-66509 LaraDashboard: 1-Click Pre-Auth RCE via Host Header + Module Installation Chain

LaraDashboard is an all-in-one solution to start a Laravel Application. In 2.3.0 and earlier, the password reset flow trusts the Host header, allowing attackers to redirect the administrator’s reset token to an attacker-controlled server. This can be combined with the module installation process ...

CVSS 9.3, EPSS 0.00102
Exploits 0, References 2
vulnersOsv
added 2025/12/04 4:54 p.m., 3 views

org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:azure__msal-node (=1.5.0) +7 more potentially affected by CVE-2025-65945 via org.webjars.npm:jws (>=3.2.2 <=4.0.0)

org.webjars.npm:jws MAVEN version =3.2.2, =1.6.1, =2.3.2, =5.5.4, =0.0.1, =1.0.0 Source cves: CVE-2025-65945 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-14188254...

CVSS 7.5, AI score 6, EPSS 0.00012
Exploits 1
vulnersOsv
added 2025/12/04 4:54 p.m., 3 views

@bigchaindb/jwt (>=0.0.18 <=0.0.20), @compas/store (>=0.0.172 <=0.20.0) +36 more potentially affected by CVE-2025-65945 via jws (=4.0.0)

jws NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on jws and may be impacted: - @bigchaindb/jwt =0.0.18, =0.0.172, =11.8.0, =1.0.0-beta.2, =1.1.0, =0.0.22, =15.2.0, =17.1.6, =13.0.0, =10.1.0, =10.4.0, =10.1.0, =10.3.0-snapshot, =0.1.1...

CVSS 7.5, AI score 6, EPSS 0.00012
Exploits 1
Vulnrichment
added 2025/12/04 12:00 a.m., 3 views

CVE-2025-54305

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTE_ADDR property in request.META is set to 127.0.0.1, to 127.0.1.1, or to ::1. Any user wit...

AI score 6.3, EPSS 0.00019
Exploits 0, References 3
Vulnrichment
added 2025/12/04 12:00 a.m., 2 views

CVE-2025-65900

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all...

AI score 6, EPSS 0.00041
Exploits 3, References 2
OSV
added 2025/12/03 11:44 a.m., 3 views

BIT-NGINX-GATEWAY-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

CVSS 6.3, AI score 6.8, EPSS 0.00056
Exploits 0, References 3