GO-2025-3745 listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user in github.com/knadh/listmonk

listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user in github.com/knadh/listmonk. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is...

CVE-2025-4678 Remote Code Execution leads to Command Injection

Improper Neutralization of Special Elements in the chromiumpath variable may allow OS command injection. This issue affects Pandora ITSM 5.0.105...

CVE-2025-4678

CVE-2025-4678 affects Pandora ITSM 5.0.105. The root cause is improper neutralization of special elements in the chromium_path variable, which may permit OS command injection. The CVSS data indicates network attack vector, high severity (7.0), with high privileges required and no user interaction...

Environment Variable Exposure

github.com/knadh/listmonk is vulnerable to Environment Variable Exposure. The vulnerability is due to the use of env and expandenv template functions in Sprig, which allows non-super-admin users to capture sensitive environment variables in multi-user installations...

PT-2025-24700 · Unknown · Pandora Itsm

Name of the Vulnerable Software and Affected Versions: Pandora ITSM version 5.0.105 Description: The issue is related to the improper neutralization of special elements in the chromium path variable, which may allow OS command injection. Recommendations: For Pandora ITSM version 5.0.105, consider...

A Vulnerability in UEFI Applications allows for secure boot bypass via misused NVRAM variable

Overview UEFI firmware applications DTBios and BiosFlashShell from DTResearch contain a vulnerability that allows Secure Boot to be bypassed using a specially crafted NVRAM variable. The vulnerability stems from improper handling of a runtime NVRAM variable that enables an arbitrary write...

A vulnerability in Insyde H2O UEFI application allows for digital certificate injection via NVRAM variable

Overview A vulnerability in an Insyde H2O UEFI firmware application allows digital certificate injection through an unprotected NVRAM variable. This issue arises from the unsafe use of an NVRAM variable, which is used as trusted storage for a digital certificate in the trust validation chain. An...

CVE-2025-49136 listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the env and expandenv template functions which is enabled by default in Sprig enables capturing of env variables on host. While this may not be a problem on single-use...

CVE-2025-49136 listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the env and expandenv template functions which is enabled by default in Sprig enables capturing of env variables on host. While this may not be a problem on single-use...

GHSA-JC7G-X28F-3V3H listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user

Summary The env and expandenv template functions which is enabled by default in Sprig enables capturing of env variables on the host. While this may not be a problem on single-user super admin installations, on multi-user installations, this allows non-super-admin users with campaign or template...

CVE-2025-49013 WilderForge vulnerable to code Injection via GitHub Actions Workflows

WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of $ github.event.review.body and other user controlled variables directly inside shell script contexts in GitHub...

listmonk 安全漏洞

listmonk is a high-performance, self-hosted, newsletter and mailing list manager with a modern dashboard by the individual developer Kailash Nadh. A security vulnerability exists in listmonk versions prior to 5.0.2, which stems from a template function capturing an environment variable that could...

PT-2025-24526 · Sprig +1 · Sprig +1

Name of the Vulnerable Software and Affected Versions: Listmonk versions 4.0.0 through 5.0.2 Description: Listmonk is a standalone, self-hosted, newsletter and mailing list manager. The env and expandenv template functions, enabled by default in Sprig, allow capturing of environment variables on...

CVE-2025-5749

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

DEBIAN-CVE-2025-38004

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime updates The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the...

CVE-2025-48934

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to versions 2.1.13 and 2.2.13, the Deno.env.toObject method ignores any variables listed in the --deny-env option of the deno run command. When looking at the documentation of the --deny-env option this might lead to a false...

CVE-2025-5749

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

CVE-2025-5749

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...

CVE-2025-5749

The CVE-2025-5749 issue affects WOLFBOX Level 2 EV Charger devices, specifically the BLE communication path. The root cause is an uninitialized variable in the handling of cryptographic keys used in vendor-specific encrypted communications, enabling authentication bypass for network-adjacent atta...

CVE-2025-5749 WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability

WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of WOLFBOX Level 2 EV Charger devices. Authentication is not required to exploit this...