EUVD-2025-24170

Malicious code in bioql PyPI...

SUSE CVE-2025-54525

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid request body...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the create channel subscription endpoint. An attacker can create unauthorized channel subscriptions by making API calls without proper access checks. Remediation Upgrade...

Mattermost Confluence Plugin has Improper Validation of Specified Type of Input

Mattermost Confluence Plugin versions 1.5.0 fail to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the create channel subscription endpoint with an invalid request body...

CVE-2025-54525 Unexpected input to Create Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid request body...

CVE-2025-54525 Unexpected input to Create Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid request body...

PT-2025-32571 · WordPress · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not verify user authorization to the Mattermost instance, enabling attackers to create channel subscriptions without proper authorization...