Overview
Description
A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missing state synchronization. This leads to a use-after-free memory access, potentially crashing the affected application. Attackers could exploit this behavior remotely by triggering specific HTTP/2 read and cancel sequences, resulting in a denial-of-service condition.
Statistics
- 2 Posts
- 1 Interaction
Last activity: 3 hours ago
Bluesky
Technical Deep Dive: Analyzing the libsoup vulnerability (CVE-2025-12105) on #openSUSE. Beyond the patch, we explore its implications for software supply chain security and enterprise vulnerability management. Read more: 👉 tinyurl.com/mpjd36c2 #Security
Overview
Description
A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Statistics
- 1 Post
- 1 Interaction
Last activity: 18 hours ago
Overview
- JumpCloud Inc.
- Remote Assist
02 Dec 2025
Published
02 Dec 2025
Updated
CVSS v4.0
HIGH (8.5)
EPSS
0.02%
KEV
Description
JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on predictable files inside a user-writable %TEMP% subdirectory without validating that the directory is trusted or resetting its ACLs when it already exists. A local, low-privileged attacker can pre-create the directory with weak permissions and leverage mount-point or symbolic-link redirection to (a) coerce arbitrary file writes to protected locations, leading to denial of service (e.g., by overwriting sensitive system files), or (b) win a race to redirect DeleteFileW() to attacker-chosen targets, enabling arbitrary file or folder deletion and local privilege escalation to SYSTEM. This issue is fixed in JumpCloud Remote Assist 0.317.0 and affects Windows systems where Remote Assist is installed and managed through the Agent lifecycle.
Statistics
- 1 Post
- 1 Interaction
Last activity: 8 hours ago
Overview
- nanbingxyz
- 5ire
23 Dec 2025
Published
24 Dec 2025
Updated
CVSS v3.1
CRITICAL (9.7)
EPSS
0.04%
KEV
Description
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits the rendering of HTML tags within Mermaid diagram nodes. This issue has not been patched at time of publication.
Statistics
- 1 Post
Last activity: 15 hours ago
Fediverse
🚨 CVE-2025-68669 (CRITICAL, CVSS 9.7) impacts nanbingxyz 5ire ≤0.15.2. Unpatched RCE via markdown-it-mermaid plugin’s loose security—malicious Mermaid diagrams can execute arbitrary code. Disable plugin & validate inputs! https://radar.offseq.com/threat/cve-2025-68669-cwe-79-improper-neutralization-of-i-63086d96 #OffSeq #RCE #Vuln #AIsecurity
Overview
Description
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
Statistics
- 3 Posts
Last activity: Last hour
Bluesky
🚨 Critical vuln alert: CVE-2024-45490 (MOZJS52-SUSE-2025-4512-1). Memory corruption in Mozilla's JavaScript engine (mozjs52) on #SUSE Linux. Could lead to arbitrary code execution. Patch now!
Read more: 👉 tinyurl.com/bdhs926x #Security
Overview
Description
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.
Statistics
- 1 Post
Last activity: 22 hours ago
Overview
- nextcloud
- security-advisories
22 Dec 2023
Published
02 Aug 2024
Updated
CVSS v3.1
MEDIUM (4.3)
EPSS
0.25%
KEV
Description
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workarounds are available.
Statistics
- 1 Post
Last activity: 10 hours ago
Bluesky
Overview
- livewire
- livewire
17 Jul 2025
Published
17 Jul 2025
Updated
CVSS v4.0
CRITICAL (9.2)
EPSS
0.08%
KEV
Description
Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions. Exploitation requires a component to be mounted and configured in a particular way, but does not require authentication or user interaction. This issue has been patched in Livewire v3.6.4. All users are strongly encouraged to upgrade to this version or later as soon as possible. No known workarounds are available.
Statistics
- 1 Post
Last activity: 23 hours ago
Overview
- coollabsio
- coolify
23 Dec 2025
Published
24 Dec 2025
Updated
CVSS v4.0
CRITICAL (9.4)
EPSS
0.57%
KEV
Description
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the File Storage Directory Mount Path functionality allows users with application/service management permissions to execute arbitrary commands as root on managed servers. The file_storage_directory_source parameter is passed directly to shell commands without proper sanitization, enabling full remote code execution on the host system. Version 4.0.0-beta.451 fixes the issue.
Statistics
- 1 Post
Last activity: 12 hours ago
Fediverse
🔴 CRITICAL: CVE-2025-66213 in Coolify pre-4.0.0-beta.451 allows authenticated users to inject commands as root via file_storage_directory_source. Patch to 4.0.0-beta.451 now! Details: https://radar.offseq.com/threat/cve-2025-66213-cwe-78-improper-neutralization-of-s-1966d389 #OffSeq #Coolify #Vulnerability #RCE #Infosec
Overview
Description
Cisco is aware of a potential vulnerability. Cisco is currently investigating and will update these details as appropriate as more information becomes available.
Statistics
- 1 Post
Last activity: 5 hours ago