5.3

CVSS4.0

CVE-2025-68430 - CVAT vulnerable to directory traversal via mounted share listing

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.8.1 through 2.52.0, an attacker with an account on a CVAT instance is able to retrieve the contents of any file system directory accessible to the CVAT server. The exposed information is names of c…

📅 Published: Dec. 19, 2025, 5:11 p.m. 🔄 Last Modified: Jan. 13, 2026, 3:20 p.m.

7.1

CVSS3.1

CVE-2025-68478 - Langflow Vulnerable to External Control of File Name or Path

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, if an arbitrary path is specified in the request body's `fs_path`, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normali…

📅 Published: Dec. 19, 2025, 5:10 p.m. 🔄 Last Modified: Jan. 2, 2026, 4:20 p.m.

4.8

CVSS4.0

CVE-2025-14957 - WebAssembly Binaryen IRBuilder wasm-ir-builder.cpp makeLocalTee null pointer dereference

A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBuilder::makeLocalSet/IRBuilder::makeLocalTee of the file src/wasm/wasm-ir-builder.cpp of the component IRBuilder. Such manipulation of the argument Index leads to null pointer dere…

📅 Published: Dec. 19, 2025, 5:02 p.m. 🔄 Last Modified: Feb. 24, 2026, 6:16 a.m.

7.7

CVSS3.1

CVE-2025-68477 - Langflow vulnerable to Server-Side Request Forgery

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, Langflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This component takes a user-supplied URL, performs only normalization and basic format checks, and …

📅 Published: Dec. 19, 2025, 4:43 p.m. 🔄 Last Modified: Jan. 2, 2026, 4:21 p.m.

0.6

CVSS4.0

CVE-2025-68457 - Orejime has executable code in HTML attributes

Orejime is a consent manager that focuses on accessibility. On HTML elements handled by Orejime prior to version 2.3.2, one could run malicious code by embedding `javascript:` code within data attributes. When consenting to the related purpose, Orejime would turn data attributes into unprefixed one…

📅 Published: Dec. 19, 2025, 4:40 p.m. 🔄 Last Modified: Jan. 13, 2026, 5:15 p.m.

7.4

CVSS3.1

CVE-2025-14809 - Address bar spoofing risk in ArcSearch on Android

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content.

📅 Published: Dec. 19, 2025, 4:39 p.m. 🔄 Last Modified: Dec. 21, 2025, 9:12 p.m.

7.5

CVSS3.1

CVE-2025-14812 - Address bar spoofing risk in Arc Search on iOS

ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar than the content being shown after an iframe-triggered URI-scheme navigation, increasing spoofing risk.

📅 Published: Dec. 19, 2025, 4:38 p.m. 🔄 Last Modified: Dec. 21, 2025, 9:13 p.m.

9.7

CVSS3.1

CVE-2025-66580 - Dive has Cross-Site Scripting vulnerability that can escalate to Remote Code Execution

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. A critical Stored Cross-Site Scripting (XSS) vulnerability exists in versions prior to 0.11.1 in the Mermaid diagram rendering component. The application allows the execution of arbitrary JavaSc…

📅 Published: Dec. 19, 2025, 4:37 p.m. 🔄 Last Modified: Jan. 2, 2026, 7:15 p.m.

6.4

CVSS3.1

CVE-2025-65035 - GLPI Database Inventory Plugin Vulnerable to Stored Object Injection

pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions (database write access must first be obtained through another vulnerability or misconfiguration)…

📅 Published: Dec. 19, 2025, 4:35 p.m. 🔄 Last Modified: Dec. 21, 2025, 9:13 p.m.

6.8

CVSS3.1

CVE-2023-30971 - Gaia unauthenticated endpoints

Gotham Gaia application was found to be exposing multiple unauthenticated endpoints.

📅 Published: Dec. 19, 2025, 4:34 p.m. 🔄 Last Modified: Dec. 21, 2025, 9:13 p.m.
Total results: 343928
Page 1970 of 34,393