EUVD-2025-12624

Malicious code in bioql PyPI...

UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints

Overview UpdateNavi provided by Fujitsu Client Computing Limited contains the following vulnerability. Improper restriction of communication channel to intended endpoints CWE-923 Shu Yoshikoshi of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVE-2025-22251

An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization...

CVE-2025-23178

CWE-923: Improper Restriction of Communication Channel to Intended Endpoints...

CVE-2025-23178 Ribbon Communications - CWE-923: Improper Restriction of Communication Channel to Intended Endpoints

CWE-923: Improper Restriction of Communication Channel to Intended Endpoints...

JVN#50850706: Pimax Play and PiTool accept WebSocket connections from unintended endpoints

Pimax Play and PiTool provided by Pimax accept WebSocket connections from unintended endpointsCWE-923. Impact Arbitrary code may be executed by a remote unauthenticated attacker. Solution Update the Software For Pimax Play, update the software to the latest version according to the information...