CVE-2025-62397 Moodle: router produces json instead of 404 error for invalid course id

The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance...

CVE-2023-46297

CVE-2023-46297 affects Mercusys MW325R EU V3 (firmware 1.11.0 221019). An unauthenticated HTTP request can render the admin interface unreachable/invisible; data verification is not performed, and affected UI files become unavailable. The web server remains up, but the admin UI is hidden, typical...