CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal

LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the iswithindirectory function, during the extraction process of maliciously crafted wheel archives. An attacker can write files outside the intended installation directory by including specially crafted file pat...

CVE-2025-0717

To exploit the vulnerability, it is necessary:...

PT-2020-3911 · Microsoft · Windows Rsop Service Application +1

Name of the Vulnerable Software and Affected Versions: Windows RSoP Service Application affected versions not specified Description: An elevation of privilege issue exists due to improper memory handling by the Windows RSoP Service Application. To exploit this, an attacker must first gain executi...