GHSA-V4W8-49PV-MF72 ChatterBot Vulnerable to Denial of Service via Database Connection Pool Exhaustion

Summary ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the getresponse method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service...

CVE-2025-7499

The CVE-2025-7499 entry concerns the BetterDocs plugin for WordPress, with a missing capability check in the get_response function present in all versions up to 4.1.1. This allows unauthenticated attackers to access passwords for password-protected documents and metadata of private/draft document...