CVE-2025-32441

Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the Rack::Session::Pool middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session. Rack session middleware prepares the session at the...

league/commonmark contains a XSS vulnerability in Attributes extension

Summary Cross-site scripting XSS vulnerability in the Attributes extension of the league/commonmark library versions 1.5.0 through 2.6.x allows remote attackers to insert malicious JavaScript calls into HTML. Details The league/commonmark library provides configuration options such as htmlinput:...

CVE-2025-46719

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, a vulnerability in the way certain html tags in chat messages are rendered allows attackers to inject JavaScript code into a chat transcript. The JavaScript code will be...

CVE-2025-46719 Open WebUI vulnerable to stored XSS via unescaped markdown token in MarkdownTokens.svelte leading to full account takeover and RCE via functions

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, a vulnerability in the way certain html tags in chat messages are rendered allows attackers to inject JavaScript code into a chat transcript. The JavaScript code will be...

CVE-2025-46340

Misskey CSS style injection vulnerability (CVE-2025-46340) affects 12.0.0 up to 2025.4.0 due to inadequate validation in UrlPreviewService and MkUrlPreview, enabling arbitrary CSS in MkUrlPreview and potential de-anonymization/related client attacks. UrlPreviewService.wrap avoids non-http/https U...

CVE-2025-46340 Misskey CSS Style Injection Vulnerability In `MkUrlPreview`

Misskey is an open source, federated social media platform. Starting in version 12.0.0 and prior to version 2025.4.1, due to an oversight in the validation performed in UrlPreviewService and MkUrlPreview, it is possible for an attacker to inject arbitrary CSS into the MkUrlPreview component...

CVE-2025-46553 @misskey-dev/summaly Redirect Filter Bypass

@misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main summaly function causes the allowRedirects option to never be passed to any plugins, and as a result, isn't enforced. Misskey will follow redirects,...

CVE-2025-46553 @misskey-dev/summaly Redirect Filter Bypass

@misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main summaly function causes the allowRedirects option to never be passed to any plugins, and as a result, isn't enforced. Misskey will follow redirects,...

CVE-2025-46553 @misskey-dev/summaly Redirect Filter Bypass

@misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main summaly function causes the allowRedirects option to never be passed to any plugins, and as a result, isn't enforced. Misskey will follow redirects,...

CVE-2025-46553

CVE-2025-46553 (Misskey summaly) : A logic error in the main summaly function (versions 3.0.1 to before 5.2.1) causes the allowRedirects option to be omitted when passed to plugins, so redirects are followed despite explicit requests not to. This creates a Redirect Filter Bypass condition and can...

CVE-2024-46821 affecting package kernel for versions less than 5.15.180.1-1

CVE-2024-46821 affecting package kernel for versions less than 5.15.180.1-1. A patched version of the package is available...

CVE-2025-46723 OpenVM byte decomposition of pc in AUIPC chip can overflow

OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in...

CVE-2025-46723

OpenVM (version 1.0.0) contains a vulnerability in the AUIPC chip path where pc limb decomposition overflows due to a off-by-one typo in the 8-bit vs 6-bit check. The root cause is a mis-specified enumeration in the pc_limbs loop, causing pc_limbs[3] to be checked with 8-bit bounds instead of 6-b...

CVE-2025-27134

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, a privilege escalation vulnerability exists in the Joplin server, allowing non-admin users to exploit the API endpoint PATCH /api/users/:id t...

CVE-2025-29906

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

CVE-2025-46565 Vite's server.fs.deny bypassed with /. for files under project root

Vite is a frontend tooling framework for javascript. Prior to versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14, the contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network usi...

CVE-2025-46558

XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting XSS through HTML. In particular, using Markdown syntax, it's possible for...

CVE-2025-27134

CVE-2025-27134 concerns Joplin server prior to version 3.3.3, where a vulnerability in the PATCH /api/users/:id endpoint allows a non-admin user to set the is_admin field to 1. This privilege escalation enables low-privilege users to perform administrative actions without proper authorization. Th...

CVE-2025-46552

KHC-INVITATION-AUTOMATION (GitHub script) has a vulnerability in version 1.2 where API responses could expose user data (email addresses, Discord usernames) due to missing access controls. The issue was identified in certain commits and has been patched in a later commit of version 1.2. No exploi...

CVE-2025-46348

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated...