CVE-2025-65875

An arbitrary file upload vulnerability in the AddFont function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-65875

An arbitrary file upload vulnerability in the AddFont function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-65875

An arbitrary file upload vulnerability in the AddFont function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-65875

CVE-2025-65875 : Concrete details across sources show an arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier. The root cause is that crafted PHP files can be uploaded, enabling arbitrary code execution. Affected component: FPDF library (FPDF AddFont). Impact is...

PT-2026-5950

An arbitrary file upload vulnerability in the AddFont function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...

GHSA-X3VF-39HJ-GXR4 Biopython is vulnerable to doctype XML external entity (XXE) injection through Bio.Entrez

Bio.Entrez in Biopython through 1.86 allows doctype XXE...

AZL-61845 CVE-2025-4574 affecting package rust for versions less than 1.86.0-3

In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption...

Phoenix Contact Automation Worx Software Suite Memory Misreference Vulnerability

Automation Worx Software Suite is an automation software package from Phoenix Contact. A memory misreference vulnerability exists in the PC Worx, PC Worx Express, and Config+ components in Phoenix Contact Automation Worx Software Suite versions 1.86 and earlier. An attacker could exploit this...