Overview
- gristlabs
- grist-core
Description
Statistics
- 1 Post
Fediverse
🔴 CVE-2026-24002 - Critical (9)
Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, bu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24002/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
🟠 CVE-2025-57156 - High (7.5)
NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-57156/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
🟠 CVE-2025-70651 - High (7.5)
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70651/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- EVerest
- everest-core
🟠 CVE-2025-68137 - High (8.3)
EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in `SdpPacket::parse_header()` allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining lengt...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68137/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- laravel
- reverb
🔴 CVE-2026-23524 - Critical (9.8)
Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the Redis channel directly into PHP’s unserialize() function without restricting which classes can...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23524/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- lxsmnsyc
- seroval
🟠 CVE-2026-23737 - High (7.5)
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, improper input handling in the JSON deserialization component can lead to arbitrary JavaScript code executi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23737/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- nanbingxyz
- 5ire
🔴 CVE-2026-22792 - Critical (9.6)
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe HTML rendering permits untrusted HTML (including on* event attributes) to execute in the renderer context. An ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22792/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
🔴 CVE-2025-55423 - Critical (9.8)
A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system() without proper validation or sani...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-55423/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- mastodon
- mastodon
🟠 CVE-2026-23962 - High (7.5)
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23962/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
🟠 CVE-2025-66902 - High (7.5)
An input validation issue in Pithikos websocket-server v.0.6.4 allows a remote attacker to obtain sensitive information or cause unexpected server behavior via the websocket_server/websocket_server.py, WebSocketServer._message_received components.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-66902/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack