CVE-2025-52467 pgai secrets exfiltration via `pull_request_target`

pgai is a Python library that transforms PostgreSQL into a retrieval engine for RAG and Agentic applications. Prior to commit 8eb3567, the pgai repository was vulnerable to an attack allowing the exfiltration of all secrets used in one workflow. In particular, the GITHUBTOKEN with write permissio...

CVE-2025-52467 pgai secrets exfiltration via `pull_request_target`

pgai is a Python library that transforms PostgreSQL into a retrieval engine for RAG and Agentic applications. Prior to commit 8eb3567, the pgai repository was vulnerable to an attack allowing the exfiltration of all secrets used in one workflow. In particular, the GITHUBTOKEN with write permissio...

CVE-2025-50183 OpenList (frontend) allows XSS Attacks in the built-in Markdown Viewer

OpenList Frontend is a UI component for OpenList. Prior to version 4.0.0-rc.4, a vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in tags may be interpreted and executed as HTML in certain modes. Th...

CVE-2025-50181

urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attemptin...

100,000 WordPress Sites Affected by Privilege Escalation via MCP in AI Engine WordPress Plugin

🌞Spring Into Summer Challenge: Critical Threats = Critical Rewards. 🌞 🔥 Now through August 4, 2025, earn 2X bounty rewards for all in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Submit bold. Earn big! 🔥 On May 21st, 2025, our Wordfence Thre...

CVE-2022-50185

In CVE-2022-50185, the Linux kernel drm/radeon path ni_set_mc_special_registers() is vulnerable to a potential buffer overflow. The last case label could write mc_reg_address[j] and mc_data[j] when j equals SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE due to missing bounds checks after the last j++. The f...

CVE-2022-50020

CVE-2022-50020 affects the Linux kernel ext4 filesystem: the patch prevents online resizing to an unaligned/partial cluster boundary. The issue could cause the last resize iteration to grow the filesystem by a negative amount, tripping a BUG_ON and leaving the in-memory superblock corrupted. Conn...

CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

CVE-2025-38054

The CVE-2025-38054 issue affects the Linux kernel PTP clock framework (ocp) in debugfs summary output. It could dereference NULL or access out-of-bounds elements in freq_in[] and signal_out[] due to uninitialized elements. The fix adds per-array counters (nr_freq_in, nr_signal_out) with a maximum...

CVE-2025-38022

The CVE-2025-38022 issue resides in the Linux kernel RDMA/core where KASAN reports a slab-use-after-free Read in ib_register_device. Root cause: ib_device_rename() renames the device name under a lock while kobject_uevent() accesses the name without lock protection, leading to a race. The fix is ...

CVE-2025-6166

A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function imageget of the file /python/api/imageget.py. The manipulation of the argument path leads to path traversal. Upgrading to version 0.8.4.1 is able to address this issue. The...

CVE-2025-49823 Conda Constructor Command Injection via Unsanitized User Input (Low)

conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix userprefix using an eval statement, which executes unsanitized user input as shell code. Although the script runs...

CVE-2025-48992 Group-Office vulnerable to blind XSS

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a stored and blind cross-site scripting XSS vulnerability exists in the Name Field of the user profile. A malicious attacker can change their name to a javascript payload, whi...

Security Bulletin: IBM App Connect Enterprise is vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition due to Node.js module snowflake ( CVE-2025-46328 )

Summary IBM App Connect Enterprise Discovery Connectors is vulnerable to Time-of-check Time-of-use TOCTOU Race Condition due to Node.js module snowflake Vulnerability Details CVEID:CVE-2025-46328 DESCRIPTION: snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10...

TencentOS Server 4: protobuf (TSSA-2024:0925)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0925 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

PT-2025-25515 · Wifi Soft · Wifi-Soft Unibox Controller

Name of the Vulnerable Software and Affected Versions: Wifi-soft UniBox Controller versions up to 20250506 Description: A critical issue was found in Wifi-soft UniBox Controller, affecting an unknown part of the file /billing/pms check.php. The manipulation of the ipaddress argument leads to os...

PT-2025-25508 · Utt · Utt 进取 750W

Name of the Vulnerable Software and Affected Versions: UTT 进取 750W versions up to 5.0 Description: A critical issue affects the strcpy function of the /goform/setSysAdm component API. The manipulation of the passwd1 argument leads to a buffer overflow. This issue can be exploited remotely...

TencentOS Server 4: flac (TSSA-2025:0147)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0147 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: bind9.16 (TSSA-2023:0198)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0198 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: qt5-qtbase (TSSA-2024:0298)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0298 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...