Drupal core - Moderately critical - Denial of Service - SA-CORE-2025-005

Drupal Core has a rarely used feature, provided by an underlying library, which allows certain attributes of incoming HTTP requests to be overridden. This functionality can be abused in a way that may cause Drupal to cache response data that it should not. This can lead to legitimate requests...

CVE-2025-6140

A resource exhaustion vulnerability has been discovered in the spdlog library. This flaw can be exploited by an attacker to cause the program utilizing spdlog to become unresponsive, leading to a denial-of-service condition. Mitigation Mitigation for this issue is either not available or the...