6191 matches found
CVE-2025-9078
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.1, 10.9.x <= 10.9.3 fail to properly validate cache keys for link metadata which allows authenticated users to access unauthorized posts and poison link previews via hash collision attacks on FNV-1 hashing...
CVE-2025-59375
creationtimestamp | type | source
---|---|---
2025-09-15 06:01:43+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lyu4yh4hw22m
2025-09-15 06:02:19+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyu4zjmrym2x
2025-09-15 06:18:01+00:00 | seen | ...
PT-2025-37465
Name of the Vulnerable Software and Affected Versions
- Mattermost versions 10.8.x through 10.8.3
- Mattermost versions 10.5.x through 10.5.8
- Mattermost versions 9.11.x through 9.11.17
- Mattermost versions 10.10.x through 10.10.1
- Mattermost versions 10.9.x through 10.9.3
Description
The Mattermost...
Mattermost Server 10.5.x < 10.5.9 / 10.10.0 Incorrect Authorization (MMSA-2025-00470)
The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00470 advisory. - Mattermost versions 10.5.x <= 10.5.8 fail to validate access controls at time of access which allows user to read a thread via AI posts CVE-2025-49810 Note...
CVE-2020-36732
creationtimestamp | type | source
---|---|---
2025-09-10 20:15:05+00:00 | seen | https://bsky.app/profile/knaepp.bsky.social/post/3lyj2dsk7fz2s
2025-09-10 21:10:05+00:00 | seen | https://bsky.app/profile/knaepp.bsky.social/post/3lyj5g4uhge2o...
CVE-2025-10155
creationtimestamp | type | source
---|---|---
2025-09-10 19:51:37+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-jgw4-cr84-mqxg
2025-09-17 10:31:59+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lyzmzk6thf2o
2025-09-17 11:32:14+00:00 | seen | ...
CVE-2025-9943
creationtimestamp | type | source
---|---|---
2025-09-10 08:01:33+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lyhre4bny42r
2025-09-10 08:46:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyhttvtwpt2r...
CVE-2025-41714
creationtimestamp | type | source
---|---|---
2025-09-10 07:01:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyhnxzdtqy2a
2025-09-10 07:04:34+00:00 | seen | https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lyho3enfaig2
2025-09-10 11:01:34+00:00 | seen | ...
CVE-2025-8388
creationtimestamp | type | source
---|---|---
2025-09-10 05:00:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyhhbbhzhb2r
2025-09-10 05:01:31+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lyhhc73eyw2y...
CVE-2025-55234
creationtimestamp | type | source
---|---|---
2025-09-09 16:22:30+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0277
2025-09-09 17:06:15+00:00 | seen | https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review
2025-09-09 19:21:14+00:00 | seen | ...
GHSA-W62P-HX95-GF2C
creationtimestamp | type | source
---|---|---
2025-09-09 10:49:30+00:00 | seen | https://bsky.app/profile/hnws.bsky.social/post/3lyfkbk7n722s
2025-09-09 11:00:04+00:00 | seen | https://bsky.app/profile/hnbot.gsuscs.xyz/post/3lyfkufubzs2e
2025-09-09 11:17:36+00:00 | seen | ...
CVE-2025-58746
creationtimestamp | type | source
---|---|---
2025-09-09 00:01:31+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lyeg2tstqh22
2025-09-09 01:18:42+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyekeuvbel2t...
CVE-2025-53838
creationtimestamp | type | source
---|---|---
2025-09-08 22:56:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyecgkenjs2l
2025-09-08 23:28:37+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyeea22c6h2r...
CVE-2025-36854
creationtimestamp | type | source
---|---|---
2025-09-08 15:20:44+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lydixmqfrc2r
2025-09-08 15:30:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lydjjjmrkh2r
2025-09-08 15:53:16+00:00 | seen | https://t.me/canyoupwnme/6960...
CVE-2025-36855
creationtimestamp | type | source
---|---|---
2025-09-08 15:11:26+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lydigyqxqj2d
2025-09-08 15:15:44+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lydiood4vf2l
2025-09-08 15:53:15+00:00 | seen | https://t.me/canyoupwnme/6959...
CVE-2025-5993
creationtimestamp | type | source
---|---|---
2025-09-08 12:55:18+00:00 | seen | https://t.me/canyoupwnme/6946
2025-09-08 12:55:57+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lydauq2m2x2r
2025-09-08 13:15:58+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lydbyjpfui26...
CVE-2025-6757
The Recent Posts Widget Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rpwe' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-7368
The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...