EUVD-2025-31652

Malicious code in bioql PyPI...

CVE-2025-54875 FreshRSS: Unauthorized creation of admin user when registration is enabled

FreshRSS is a free, self-hostable RSS aggregator. In versions 1.16.0 and above through 1.26.3, an unprivileged attacker can create a new admin user when registration is enabled through the use of a hidden field used only in the user management admin page, newuserisadmin. This is fixed in version...

BosNews v4.0 Remote add user admin

-------------------------------------------------------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo ---------------------------------------------------------...