CVE-2025-55008 AuthKit React Router: Sensitive auth data rendered in HTML
The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by...
CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML
The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning the...
CVE-2025-55009
CVE-2025-55009 affects the AuthKit Remix package @workos-inc/authkit-remix. Versions ≤ 0.14.1 expose sensitive artifacts (sealedSession and accessToken) via the authkitLoader, causing them to be rendered into browser HTML. This creates information exposure and potential session/API access risk, a...
PT-2025-32438 · WordPress · The7 Theme
Name of the Vulnerable Software and Affected Versions: The7 theme for WordPress versions prior to 12.6.1. Description: The The7 theme for WordPress is susceptible to Stored Cross-Site Scripting through its lightbox rendering code. Insufficient input sanitization and output escaping allow the theme...
Linux Distros Unpatched Vulnerability : CVE-2022-50176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/mcde: Fix refcount leak in mcde_dsi_bind Every iteration of for_each_available_child_of_node...
Linux Distros Unpatched Vulnerability : CVE-2025-38436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drm_sched_entity_kill removes all jobs belonging to that entity...
Linux Distros Unpatched Vulnerability : CVE-2021-47530
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix wait_fence submitqueue leak We weren't dropping the submitqueue reference in all...
Linux Distros Unpatched Vulnerability : CVE-2022-49499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereferences without iommu Check if 'aspace' is set before using i...
Linux Distros Unpatched Vulnerability : CVE-2022-49829
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/scheduler: fix fence ref counting We leaked dependency fences when processes were being killed. Additional to that grab a reference to the last scheduled...
CVE-2025-54793
Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...
[SECURITY] Fedora 42 Update: webkitgtk-2.48.5-1.fc42
WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...
CVE-2025-54793 Astro: Duplicate trailing slash feature can lead to Open Redirects
Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...
CVE-2025-54793
Summary: CVE-2025-54793 affects Astro web framework. Versions 5.2.0 through 5.12.7 have an Open Redirect in the trailing slash redirection logic when handling paths with double slashes, enabling a user to be redirected to an external domain via crafted URLs (e.g., https://example.com//malicious-s...
Linux Distros Unpatched Vulnerability : CVE-2025-21880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmm_range_fault as a...
Linux Distros Unpatched Vulnerability : CVE-2023-4573
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially...
Linux Distros Unpatched Vulnerability : CVE-2024-42275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drm_client_buffer_vmap_local This function accidentally returns...