cve.li

Recent

CVE-2025-59946CWE-416

NanoMQ has a Use After Free vulnerability via sub info list

Published 2025-12-27 by GitHub_M

CVE-2025-68952CWE-94

1-click Remote Code Execution (RCE) vulnerability in Eigent

Published 2025-12-27 by GitHub_M

CVE-2025-68948CWE-321

SiYuan: Information Disclosure and Authentication Bypass via Hardcoded Session Secret

Published 2025-12-27 by GitHub_M

CVE-2025-68927CWE-79

Improper Neutralization of HTML Tags in a Web Page in libredesk

Published 2025-12-27 by GitHub_M

CVE-2025-68474CWE-787

ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling

Published 2025-12-26 by GitHub_M

CVE-2025-68473CWE-787

ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP Result Handling

Published 2025-12-26 by GitHub_M

CVE-2025-68148CWE-770

FreshRSS globally denies access to feed via proxy modifying to 429 Retry-After

Published 2025-12-26 by GitHub_M

CVE-2025-68932CWE-338

FreshRSS has weak cryptographic randomness in remember-me token and nonce generation

Published 2025-12-26 by GitHub_M

CVE-2025-66203CWE-78

StreamVault is Vulnerable to Authenticated Remote Code Execution (RCE) via ytdlpargs Configuration Injection

Published 2025-12-26 by GitHub_M

CVE-2025-67729CWE-502

lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load()

Published 2025-12-26 by GitHub_M

CVE-2025-68697CWE-269CWE-749

Self-hosted n8n has Legacy Code node that enables arbitrary file read/write

Published 2025-12-26 by GitHub_M

CVE-2025-68668CWE-693

n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

Published 2025-12-26 by GitHub_M

CVE-2025-61914CWE-79

n8n's Possible Stored XSS in "Respond to Webhook" Node May Execute Outside iframe Sandbox

Published 2025-12-26 by GitHub_M

CVE-2025-13158CWE-1321

apidoc-core - prototype pollution in api_group.js, api_param_title.js, api_use.js, and api_permission.js worker

Published 2025-12-26 by Sonatype

CVE-2025-64645CWE-367

Time-of-check Time-of-use (TOCTOU) in IBM Concert Software.

Published 2025-12-26 by ibm

CVE-2025-36230CWE-80

XSS in IBM Aspera Faspex

Published 2025-12-26 by ibm

CVE-2025-36229CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere in IBM Aspera Faspex

Published 2025-12-26 by ibm

CVE-2025-36228CWE-279

Incorrect Execution-Assigned Permissions in IBM Aspera Faspex

Published 2025-12-26 by ibm

CVE-2025-36192CWE-862

Missing Authorization with the DS8900F and DS8A00 Hardware Management Console

Published 2025-12-26 by ibm

CVE-2025-14687CWE-602

Client-Side Enforcement of Server-Side Security in IBM Db2 Intelligence Center

Published 2025-12-26 by ibm

Load more ↓