Wordfence Intelligence Weekly WordPress Vulnerability Report (September 15, 2025 to September 21, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...

Linux Distros Unpatched Vulnerability : CVE-2023-53361

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Add p?dleaf definitions When I do LTP test, LTP test case ksm06 caused panic ...

Mitsubishi Electric MELSEC-Q Series 安全漏洞

The Mitsubishi Electric MELSEC-Q Series is a family of programmable logic controllers from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC-Q Series that arises from improper handling of the length parameter, which could result in an integer overflow th...

Airline data broker selling 5 billion passenger records to US government

We already knew that the US airline industry gave the government access to passenger records. However, this week it emerged that at least five billion passenger records are being sold to government agencies via a searchable database—far more than was initially believed. A few weeks ago,...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

SUSE CVE-2023-53290

In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...

SemiAutoPenTestingTool

It is an offensive tool for network exploitation. This repositor...

CVE-2023-53290

In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...

UBUNTU-CVE-2023-53290

In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...

CVE-2023-53290 samples/bpf: Fix fout leak in hbm's run_bpf_prog

In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...

SUSE CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2023-53221

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memleak due to fentry attach failure If it fails to attach fentry, the allocated bpf trampoline image will be left in the system. That can be verified by checking /proc/kallsyms. This meamleak can be verified by a simple...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

DEBIAN-CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

UBUNTU-CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

GNU Guix 安全漏洞

GNU Guix is an open source, cross-platform package manager from the GNU community in the United States. A security vulnerability exists in versions of GNU Guix prior to 1618ca7, which stems from the fact that the content-addressed-mirrors file can be written to create the setuid program,...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

The CVE-2025-59378 entry concerns guix-daemon in GNU Guix prior to commit 1618ca7. A content-addressed-mirrors file can be written to create a setuid program, allowing a regular user to gain the privileges of the build user that runs it (even after the build ends). Impact is local privilege escal...