CVE-2025-53822

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the relatoriogeracao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...

CVE-2025-53836 XWiki Rendering is vulnerable to RCE attacks when processing nested macros

XWiki Rendering is a generic rendering system that converts textual input in a given syntax wiki syntax, HTML, etc into another syntax XHTML, etc. Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...

CVE-2025-22872 affecting package cert-manager for versions less than 1.11.2-23

CVE-2025-22872 affecting package cert-manager for versions less than 1.11.2-23. A patched version of the package is available...

CVE-2025-53368

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, page descriptions are inserted into raw HTML without proper sanitization by the Citizen skin when using the old search bar. Any user with page editing privileges can insert...

CVE-2025-53370 Citizen stored XSS vulnerability through short descriptions

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page...

CVE-2025-48939 tarteaucitron.js vulnerable to DOM Clobbering via document.currentScript

tarteaucitron.js is a compliant and accessible cookie banner. Prior to version 1.22.0, a vulnerability was identified in tarteaucitron.js where document.currentScript was accessed without verifying that it referenced an actual element. If an attacker injected an HTML element, it could clobber the...

CVE-2025-52886

Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...

CVE-2025-52886 Poppler Use After Free Vulnerability

Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...

CVE-2025-53358 kotaemon Vulnerable to Path Traversal via Link Upload

kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the indexfn method accepts both URLs and local file paths without validation. The pipeline streams these paths directly and stores them, enabling attackers to...

CVE-2025-48379

CVE-2025-48379 (Pillow) Vulnerability: Pillow (Python imaging library) versions 11.2.0 through before 11.3.0 contain a heap buffer overflow when saving large (>64k) images in DDS format, caused by writing into a buffer without checking available space. The issue affects users who save untruste...

CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

CVE-2025-53095 Sunshine application-wide CSRF in the UI leads to command injection as Administrator

Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery CSRF attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can...

CVE-2025-53003 Janssen Config API returns results without scope verification

The Janssen Project is an open-source identity and access management IAM platform. Prior to version 1.8.0, the Config API returns results without scope verification. This has a large internal surface attack area that exposes all sorts of information from the IDP including clients, users, scripts...

EulerOS 2.0 SP13 : vim (EulerOS-SA-2025-1711)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the :redir ex command to register,...

CVE-2025-53093 TabberNeue vulnerable to Stored XSS through wikitext

TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the tag. Version 3.1.1 contains a patch for the bug...

CVE-2025-49845

Discourse is an open-source discussion platform. The visibility of posts typed whisper is controlled via the whispersallowedgroups site setting. Only users that belong to groups specified in the site setting are allowed to view posts typed whisper. However, it has been discovered that users of...

CVE-2025-50179 Tuleap missing CSRF protection on tracker reports manipulation

Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-site request forgery vulnerability in Tuleap Community Edition prior to version 16.8.99.1749830289 and Tuleap Enterprise Edition prior to version 16.9-1 to trick victims...

CVE-2025-49845 Discourse users are able to see their own whispers even after being removed from a group that has been configured to see whispers

Discourse is an open-source discussion platform. The visibility of posts typed whisper is controlled via the whispersallowedgroups site setting. Only users that belong to groups specified in the site setting are allowed to view posts typed whisper. However, it has been discovered that users of...

CVE-2025-50178

GitForge.jl vulnerability (CVE-2025-50178) stems from lack of input validation in GitForge.get_repo for GitHub where owner and repo strings are not validated or safely encoded, allowing path traversal like ../ to reach unintended GitHub API endpoints. Affected versions: prior to 0.4.3; patch avai...

CVE-2025-48954

Discourse is an open-source discussion platform. Versions prior to 3.5.0.beta6 are vulnerable to cross-site scripting when the content security policy isn't enabled when using social logins. Version 3.5.0.beta6 patches the issue. As a workaround, have the content security policy enabled...