
Overview

  • Aarondoran
  • servify-express

Published: 12 Dec 2025
Updated: 12 Dec 2025

CVSS v4.0: HIGH (8.7)
EPSS: Pending

KEV

Description

Servify Express is a Node.js package to start an Express server and log the port it's running on. Prior to 1.2, the Express server used express.json() without a size limit, which could allow attackers to send extremely large request bodies. This can cause excessive memory usage, degraded performance, or process crashes, resulting in a Denial of Service (DoS). Any application using the JSON parser without limits and exposed to untrusted clients is affected. The issue is not a flaw in Express itself, but in configuration. This issue is fixed in version 1.2. To work around, consider adding a limit option to the JSON parser, rate limiting at the application or reverse-proxy level, rejecting unusually large requests before parsing, or using a reverse proxy (such as NGINX) to enforce maximum request body sizes.

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse

🚨 CVE-2025-67731 (HIGH, CVSS 8.7): Aarondoran servify-express <1.2 lets attackers send huge JSON bodies, causing DoS. Fix: upgrade to 1.2+, set parser size limits, or use reverse proxy controls. Details: radar.offseq.com/threat/cve-20

  • 1h ago

Overview

  • aliasrobotics
  • cai

Published: 10 Dec 2025
Updated: 11 Dec 2025

CVSS v3.1: CRITICAL (9.7)
EPSS: 0.11%

KEV

Description

Cybersecurity AI (CAI) is an open-source framework for building and deploying AI-powered offensive and defensive automation. Versions 0.5.9 and below are vulnerable to Command Injection through the run_ssh_command_with_credentials() function, which is available to AI agents. Only the password and command inputs are escaped in run_ssh_command_with_credentials to prevent shell injection, while the username, host and port values are injectable. This issue does not have a fix at the time of publication.

Statistics

  • 2 Posts

Last activity: 12 hours ago

Bluesky

CVE-2025-67511 affects all versions of the Cybersecurity AI (CAI) framework up to and including 0.5.9. If you use it, make sure you know how to reduce the risk of damage (see link above). #CVE #CommandInjection #AISecurity #Cybersecurity 🧵 2/4
  • 12h ago
A pentesting AI agent pwned with an HTML comment on a target server? That's actually kind of funny on the one hand, but deeply concerning on the other. CVE-2025-67511 references a critical, ‼️unpatched‼️ command injection issue in the CAI pentesting agent Details and mitigation: buff.ly/x6gPiPf 🧵 1/4
  • 12h ago

Overview

  • Pending

Published: 27 Mar 2024
Updated: 04 Nov 2025

CVSS: Pending
EPSS: 0.07%

KEV

Description

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.

Statistics

  • 2 Posts

Last activity: 18 hours ago

Bluesky

Critical security update for #Qt framework users on #Ubuntu. Vulnerability CVE-2024-25580 allows crafted files to crash apps or execute malicious code via memory corruption. Read more: 👉 tinyurl.com/32dw459b #Security
  • 23h ago
Critical #Qt vulnerability (CVE-2024-25580) impacts #Ubuntu 20.04/22.04 LTS. Memory corruption flaw allows DoS or arbitrary code execution via a crafted file Read more: 👉 tinyurl.com/67m9uz34 #Security
  • 18h ago

Overview

  • RARLAB
  • WinRAR

Published: 21 Jun 2025
Updated: 10 Dec 2025

CVSS v3.0: HIGH (7.8)
EPSS: 7.17%

Description

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.

Statistics

  • 1 Post

Last activity: 8 hours ago

Bluesky

📌 CISA Adds Actively Exploited WinRAR Vulnerability (CVE-2025-6218) to KEV Catalog https://www.cyberhub.blog/article/16647-cisa-adds-actively-exploited-winrar-vulnerability-cve-2025-6218-to-kev-catalog
  • 8h ago

Overview

  • Pending

Published: 09 Dec 2025
Updated: 10 Dec 2025

CVSS: Pending
EPSS: 0.03%

KEV

Description

A stored cross-site scripting (XSS) vulnerability in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) router allows a remote attacker on the LAN to inject JavaScript into the router's management UI by submitting a malicious hostname. The injected script is stored and later executed in the context of an administrator's browser (for example, after a DHCP release/renew triggers the interface to display the stored hostname). Because the management interface uses weak/basic authentication and does not properly protect or isolate session material, the XSS can be used to exfiltrate the admin session and perform administrative actions.

Statistics

  • 1 Post

Last activity: 22 hours ago

Bluesky

The DHCP Hostname Heist: How a Simple Router Misconfiguration (CVE-2025-65289) Grants Hackers Permanent Admin Access from Inside Your LAN Introduction: A recently disclosed vulnerability, CVE-2025-65289, exposes a critical security flaw in the Mercury MR816v2 router firmware, turning a fundamental…
  • 22h ago

Overview

  • sh1zen
  • Multi Uploader for Gravity Forms

Published: 12 Dec 2025
Updated: 12 Dec 2025

CVSS v3.1: CRITICAL (9.8)
EPSS: Pending

KEV

Description

The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'plupload_ajax_delete_file' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.

Statistics

  • 1 Post

Last activity: 4 hours ago

Fediverse

🚨 CRITICAL (CVSS 9.8): Path traversal in sh1zen Multi Uploader for Gravity Forms (all versions) lets unauthenticated attackers delete files on WordPress servers. Audit, disable, or remove plugin now. CVE-2025-14344 radar.offseq.com/threat/cve-20

  • 4h ago

Overview

  • lazycoders
  • LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart

Published: 12 Dec 2025
Updated: 12 Dec 2025

CVSS v3.1: CRITICAL (9.8)
EPSS: Pending

KEV

Description

The LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.2.29. This is due to the plugin not properly validating a user's identity via the 'wp-json/lazytasks/api/v1/user/role/edit/' REST API endpoint prior to updating their details, such as their email address. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators', and leverage that to reset the user's password and gain access to their account. It is also possible for attackers to abuse this endpoint to grant users access to additional roles within the plugin.

Statistics

  • 1 Post

Last activity: 5 hours ago

Fediverse

🚨 CRITICAL: CVE-2025-12963 in LazyTasks (WordPress)—all versions. Missing auth on REST API allows unauth’d account takeover & privilege escalation. Disable 'user/role/edit/' endpoint & monitor logs! radar.offseq.com/threat/cve-20

  • 5h ago

Overview

  • Mozilla
  • Firefox

Published: 09 Dec 2025
Updated: 11 Dec 2025

CVSS: Pending
EPSS: 0.02%

KEV

Description

Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

Statistics

  • 1 Post

Last activity: 20 hours ago

Bluesky

URGENT: #Debian 11 #Security update for Firefox ESR (DLA-4401-1) patches critical flaws like CVE-2025-14321. Risks: arbitrary code execution & sandbox escape. Read more: 👉 tinyurl.com/5b4jmr4f
  • 20h ago

Overview

  • Linux
  • Linux

Published: 12 Nov 2025
Updated: 01 Dec 2025

CVSS: Pending
EPSS: 0.03%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

btrfs: avoid potential out-of-bounds in btrfs_encode_fh()

The function btrfs_encode_fh() does not properly account for the three cases it handles.

Before writing to the file handle (fh), the function only returns to the user BTRFS_FID_SIZE_NON_CONNECTABLE (5 dwords, 20 bytes) or BTRFS_FID_SIZE_CONNECTABLE (8 dwords, 32 bytes).

However, when a parent exists and the root ID of the parent and the inode are different, the function writes BTRFS_FID_SIZE_CONNECTABLE_ROOT (10 dwords, 40 bytes).

If *max_len is not large enough, this write goes out of bounds because BTRFS_FID_SIZE_CONNECTABLE_ROOT is greater than BTRFS_FID_SIZE_CONNECTABLE originally returned.

This results in an 8-byte out-of-bounds write at fid->parent_root_objectid = parent_root_id.

A previous attempt to fix this issue was made but was lost.

https://lore.kernel.org/all/4CADAEEC020000780001B32C@vpn.id2.novell.com/

Although this issue does not seem to be easily triggerable, it is a potential memory corruption bug that should be fixed. This patch resolves the issue by ensuring the function returns the appropriate size for all three cases and validates that *max_len is large enough before writing any data.

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

CVE-2025-40205 btrfs: avoid potential out-of-bounds in btrfs_encode_fh() scq.ms/3XFaLLu #MicrosoftSecurity #cybersecurity
  • 3h ago

Overview

  • Linux
  • Linux

Published: 12 Nov 2025
Updated: 01 Dec 2025

CVSS: Pending
EPSS: 0.03%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: guard against EA inode refcount underflow in xattr update

syzkaller found a path where ext4_xattr_inode_update_ref() reads an EA inode refcount that is already <= 0 and then applies ref_change (often -1). That lets the refcount underflow and we proceed with a bogus value, triggering errors like:

  EXT4-fs error: EA inode <n> ref underflow: ref_count=-1 ref_change=-1
  EXT4-fs warning: ea_inode dec ref err=-117

Make the invariant explicit: if the current refcount is non-positive, treat this as on-disk corruption, emit ext4_error_inode(), and fail the operation with -EFSCORRUPTED instead of updating the refcount. Delete the WARN_ONCE() as negative refcounts are now impossible; keep error reporting in ext4_error_inode().

This prevents the underflow and the follow-on orphan/cleanup churn.

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

CVE-2025-40190 ext4: guard against EA inode refcount underflow in xattr update scq.ms/4rFn7Ro #MicrosoftSecurity #cybersecurity
  • 23h ago
Showing 21 to 30 of 79 CVEs