CVE-2025-53885

Directus Flows logs can disclose sensitive user data via the Log to Console operation. Affected: Directus real-time API/dashboard prior to 11.9.0 (versions 9.0.0–11.8.x). Root cause: logging unfettered input during user create/update events, enabling a malicious admin to view other users’ data. I...

nodejs: Node.js Worker Thread Exposure via Diagnostics Channel

A flaw was found in the Node.js diagnosticschannel. This vulnerability allows an attacker to reinstate and misuse worker constructors, potentially bypassing the Permission Model via hooking into events when a worker thread is created...

[SECURITY] Fedora 24 Update: php-guzzlehttp-guzzle-5.3.1-1.fc24

Guzzle is a PHP HTTP client that makes it easy to work with HTTP/1.1 and ta kes the pain out of consuming web services. Pluggable HTTP adapters that can send requests serially or in parallel Doesn't require cURL, but uses cURL by default Streams data for both uploads and downloads Provides event...