6.5
CVE-2025-62426 - vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `c…
vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, the /v1/chat/completions and /tokenize endpoints allow a chat_template_kwargs request parameter that is used in the code before it is properly validated against the chat template. With the…
8.8
CVE-2025-62164 - vLLM deserialization vulnerability leading to DoS and potential RCE
vLLM is an inference and serving engine for large language models (LLMs). From versions 0.10.2 to before 0.11.1, a memory corruption vulnerability that could lead to a crash (denial-of-service) and potentially remote code execution (RCE) exists in the Completions API endpoint. When processing user-supp…
8.7
CVE-2025-64755 - @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes
Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31.
6.9
CVE-2025-13485 - itsourcecode Online File Management System ajax.php sql injection
A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in SQL injection. The attack may be launched remotely. The exploit has been release…
7.0
CVE-2025-40211 - ACPI: video: Fix use-after-free in acpi_video_switch_brightness()
In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpi_video_switch_brightness() The switch_brightness_work delayed work accesses device->brightness and device->backlight, freed by acpi_video_dev_unregister_backlight() during device removal. I…
5.5
CVE-2025-40209 - btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation When btrfs_add_qgroup_relation() is called with invalid qgroup levels (src >= dst), the function returns -EINVAL directly without freeing the preallocated qgroup_…
4.8
CVE-2025-13484 - Campcodes Complete Online Beauty Parlor Management System customer-list.php cross site scripting
A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/customer-list.php. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit is pu…
8.3
CVE-2025-62459 - Microsoft Defender Portal Spoofing Vulnerability
Microsoft Defender Portal Spoofing Vulnerability
5.7
CVE-2025-64660 - GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature over a network.
8.6
CVE-2025-62207 - Azure Monitor Elevation of Privilege Vulnerability
Azure Monitor Elevation of Privilege Vulnerability