6.9
CVE-2025-52894 - OpenBao Vulnerable to Unauthenticated Rekey Operation Cancellation
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of seβ¦
4.5
CVE-2025-52893 - OpenBao May Leak Sensitive Information in Logs When Processing Malformed Data
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. Thisβ¦
5.9
CVE-2025-6442 - Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. Theβ¦
8.1
CVE-2025-52890 - Incus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLs
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead β¦
3.4
CVE-2025-52889 - Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with β¦
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `securiβ¦
5.3
CVE-2025-52576 - Kanboard vulnerable to Username Enumeration via Login Behavior and Bruteforce Protection Bypass
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine valid β¦
6.6
CVE-2025-52569 - GitHub.jl lacks validation for user-provided fields
GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 5.9.1 lack input validation of input validation for user-provided values in certain functions. In the `GitHub.repo()` function, the user can provide any string for the `repo_name` field. These inputs are not valβ¦
8.1
CVE-2025-52483 - Registrator.jl Vulnerable to Argument Injection and Command Injection
Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious (or can be injected using upstream vulnerabilities) a shell script injection can occur within the `wβ¦
8.1
CVE-2025-52480 - Registrator.jl Argument Injection Vulnerability
Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious (or can be injected using upstream vulnerabilities), an argument injection is possible in the `gettrβ¦
9.3
CVE-2025-49153 - Path Traversal in MICROSENS NMP Web+
The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code.