5.4
CVE-2025-3877 - thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/…
This CVE was marked as fixed, but due to other code landing, it was not actually fixed. It was subsequently addressed under CVE-2025-5986.
6.5
CVE-2025-3932 - Tracking Links in Attachments Bypassed Remote Content Blocking
It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web page…
8.1
CVE-2025-3909 - JavaScript Execution via Spoofed PDF Attachment and file:/// Link
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, a…
7.5
CVE-2025-3875 - Sender Spoofing via Malformed From Header in Thunderbird
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats [email protected] as the actual address. This vulnerability was fixed…
7.2
CVE-2025-40595 -
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended locations.
8.9
CVE-2025-47782 - motionEye vulnerable to RCE in add_camera Function Due to unsafe command execution
motionEye is an online interface for the software motion, a video surveillance program with motion detection. In versions 0.43.1b1 through 0.43.1b3, using a constructed (camera) device path with the `add`/`add_camera` motionEye web API allows an attacker with motionEye admin user credentials to exe…
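The pattern behind this class of bug is a device path spliced into a shell command line. The following added example is not motionEye's code: it uses `echo` as a stand-in for whatever tool the real application invokes, a constructed device path with a `;` in it, and a hypothetical `/dev/videoN` allow-pattern. It shows the vulnerable form, the argv-only form that stops the injection, and the validated form that also refuses unexpected paths.

```python
import re
import subprocess

# Constructed inputs for the demonstration (not real motionEye requests):
# a benign V4L2 device path and one carrying a shell metacharacter.
BENIGN_DEVICE = "/dev/video0"
MALICIOUS_DEVICE = "/dev/video0; echo INJECTED"

# Hypothetical allow-pattern for device paths: /dev/videoN only.
DEVICE_RE = re.compile(r"/dev/video[0-9]{1,3}")

# `echo` stands in for the real probing tool so the block runs anywhere.
PROBE_TOOL = "echo"


def probe_unsafe(device: str) -> str:
    """Vulnerable pattern: the path is spliced into a shell command line.
    With shell=True, ';' ends the intended command and starts another one."""
    cmd = f"{PROBE_TOOL} probing {device}"
    return subprocess.run(cmd, shell=True, capture_output=True,
                          text=True, check=True).stdout


def probe_argv_only(device: str) -> str:
    """Partial fix: an argv list and no shell. The metacharacters reach the
    tool as one literal argument, so nothing is executed, but the odd path
    still reaches the tool and the filesystem."""
    return subprocess.run([PROBE_TOOL, "probing", device], capture_output=True,
                          text=True, check=True).stdout


def probe_safe(device: str) -> str:
    """Hardened pattern: validate against the allow-pattern first, then argv."""
    if not DEVICE_RE.fullmatch(device):
        raise ValueError(f"rejected device path: {device!r}")
    return probe_argv_only(device)


if __name__ == "__main__":
    print("unsafe:", repr(probe_unsafe(MALICIOUS_DEVICE)))
    print("argv:  ", repr(probe_argv_only(MALICIOUS_DEVICE)))
    try:
        probe_safe(MALICIOUS_DEVICE)
    except ValueError as exc:
        print("safe:  ", exc)
```

The argv form alone already removes the shell from the picture; the allow-pattern matters because a path such as a symlink under /tmp or a `-`-prefixed string would otherwise still be handed to the tool as-is.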
9.8
CVE-2025-47781 - Rallly Insufficient Password Login Token Entropy Leads to Account Takeover
Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application feature token-based authentication. When a user attempts to log in to the application, they insert their email and a 6-digit code is sent to their email address to complete the authent…
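A 6-digit code carries under 20 bits of entropy, which is only safe if the verifier bounds how many guesses an attacker gets per issued code. The added example below is illustrative and not Rallly's implementation: it quantifies the guessing budget and shows a hypothetical verifier that makes the code single-use, expiring, and burned after a small number of wrong attempts. The `LoginTokenStore` class, its parameters and the injected clock are assumptions for the demonstration.

```python
import hashlib
import hmac
import math
import secrets
import time

DIGITS = 10
CODE_LENGTH = 6


def bits_of_entropy(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random token of `length` symbols."""
    return length * math.log2(alphabet_size)


def seconds_to_exhaust(alphabet_size: int, length: int, requests_per_second: float) -> float:
    """Worst case against an unthrottled verifier: try every code."""
    return alphabet_size ** length / requests_per_second


def attacker_success_bound(alphabet_size: int, length: int, allowed_attempts: int) -> float:
    """If the code is burned after `allowed_attempts` misses, an online guesser
    can do no better than this per issued code."""
    return allowed_attempts / alphabet_size ** length


class LoginTokenStore:
    """Hypothetical email-code verifier (example only, not Rallly's code)."""

    def __init__(self, max_attempts=3, ttl_seconds=600, clock=time.time):
        self.max_attempts = max_attempts
        self.ttl = ttl_seconds
        self.clock = clock
        self._pending = {}  # email -> (digest, expires_at, attempts_left)

    @staticmethod
    def _digest(code: str) -> str:
        # Hashing is hygiene only: a 20-bit secret is trivial to brute-force
        # offline, so the real controls are TTL, single use and attempt limit.
        return hashlib.sha256(code.encode()).hexdigest()

    def issue(self, email: str) -> str:
        code = f"{secrets.randbelow(DIGITS ** CODE_LENGTH):0{CODE_LENGTH}d}"
        self._pending[email] = (self._digest(code), self.clock() + self.ttl, self.max_attempts)
        return code

    def verify(self, email: str, code: str) -> bool:
        entry = self._pending.get(email)
        if entry is None:
            return False
        digest, expires_at, attempts_left = entry
        if self.clock() > expires_at:
            del self._pending[email]
            return False
        if hmac.compare_digest(self._digest(code), digest):
            del self._pending[email]  # single use
            return True
        attempts_left -= 1
        if attempts_left <= 0:
            del self._pending[email]  # burn the code; a fresh one must be issued
        else:
            self._pending[email] = (digest, expires_at, attempts_left)
        return False


if __name__ == "__main__":
    print(f"6-digit code: {bits_of_entropy(DIGITS, CODE_LENGTH):.1f} bits")
    print(f"exhaust at 1000 req/s: {seconds_to_exhaust(DIGITS, CODE_LENGTH, 1000):.0f} s")
    print(f"bound with 3 attempts: {attacker_success_bound(DIGITS, CODE_LENGTH, 3):.1e}")
    store = LoginTokenStore()
    code = store.issue("user@example.com")
    print("correct code accepted:", store.verify("user@example.com", code))
```

With the attempt limit in place, the per-code success bound is 3 in a million regardless of how fast the attacker can submit, which is the property a short numeric code needs and the unthrottled design lacks.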
6.1
CVE-2025-47778 - Sulu vulnerable to XXE in SVG File upload Inspector
Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload SVG which may load external data via XML DOM library. This can be used for insecure XML External Entity References. The problem has bee…
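SVG is XML, so an uploaded SVG can carry a DOCTYPE with an external entity that a resolving parser will fetch. The added example below is not Sulu's code: it is a pre-parse gate, written with Python's expat bindings, that refuses any upload containing a DOCTYPE, entity declaration or external reference before the file ever reaches a rendering or DOM library, and contrasts it with a naive well-formedness check that lets the XXE sample through. The sample SVGs are constructed for the demonstration.

```python
import xml.parsers.expat

# Constructed sample uploads (not taken from Sulu or any real incident).
BENIGN_SVG = b"""<?xml version="1.0" encoding="UTF-8"?>
<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">
  <rect width="10" height="10" fill="#09f"/>
</svg>"""

# Same shape, plus an internal DTD declaring an external entity referenced in
# element content. A parser that resolves entities reads the named file and
# embeds it in the document.
XXE_SVG = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE svg [ <!ENTITY xxe SYSTEM "file:///etc/hostname"> ]>
<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">
  <text x="0" y="8">&xxe;</text>
</svg>"""


class UnsafeSvg(Exception):
    """Upload contains a DTD, an entity declaration or an external reference."""


def is_well_formed_xml(data: bytes) -> bool:
    """Naive acceptance test: well-formedness only. It says nothing about
    entities, so the XXE sample passes it."""
    try:
        xml.parsers.expat.ParserCreate().Parse(data, True)
        return True
    except xml.parsers.expat.ExpatError:
        return False


def classify_svg(data: bytes) -> str:
    """Gate for SVG uploads: 'ok', 'unsafe', 'malformed' or 'not-svg'.
    Any DOCTYPE is refused outright; that makes entity declarations, internal
    or via an external DTD, impossible without trying to enumerate them."""
    parser = xml.parsers.expat.ParserCreate()
    root = []

    def refuse(*_args):
        raise UnsafeSvg("DTD / entity constructs are not allowed in uploaded SVG")

    def on_start(name, _attrs):
        if not root:
            root.append(name)

    parser.StartDoctypeDeclHandler = refuse
    parser.EntityDeclHandler = refuse
    parser.ExternalEntityRefHandler = refuse
    parser.StartElementHandler = on_start
    try:
        parser.Parse(data, True)
    except UnsafeSvg:
        return "unsafe"
    except xml.parsers.expat.ExpatError:
        return "malformed"
    # expat reports the qualified name as written; accept "svg" or "prefix:svg"
    if root and root[0].split(":")[-1] == "svg":
        return "ok"
    return "not-svg"


if __name__ == "__main__":
    for label, doc in (("benign", BENIGN_SVG), ("xxe", XXE_SVG)):
        print(f"{label}: well-formed={is_well_formed_xml(doc)} gate={classify_svg(doc)}")
```

Refusing every DOCTYPE also rejects legitimate exports that reference the public SVG DTD; the trade-off is deliberate, since an external DTD can itself declare parameter entities. This gate only addresses entity resolution; scripts, event attributes and external hrefs inside SVG need a separate sanitizer.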
9.7
CVE-2025-47777 - 5ire Client Vulnerable to Cross-Site Scripting (XSS) and Remote Code Execution (RCE)
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Versions prior to 0.11.1 are vulnerable to stored cross-site scripting in chatbot responses due to insufficient sanitization. This, in turn, can lead to Remote Code Execution (RCE) via unsafe Elect…
6.2
CVE-2025-47775 - Bullfrog's DNS over TCP bypasses domain filtering
Bullfrog is a GitHub Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, sending DNS queries over TCP bypassed the domain filtering and allowed DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue.
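DNS over TCP carries the same message as UDP, but with a two-byte length prefix in front of each message (RFC 1035 section 4.2.2), so a filter that only understands one framing, or only inspects one transport, can be walked around. The added example below is not Bullfrog's code: it builds a query, wraps it for TCP, and compares a flawed filter that inspects UDP only with one that parses both framings and fails closed. The allowlist, the exfiltration name and both filter functions are constructed for the demonstration.

```python
import struct

# Constructed sample policy and names (not Bullfrog's configuration or code).
ALLOWLIST = {"github.com", "pypi.org"}
EXFIL_NAME = "c2VjcmV0LWRhdGE.attacker.example"  # encoded payload as a label


def encode_qname(name: str) -> bytes:
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, txid: int = 0x1234, qtype: int = 1) -> bytes:
    """Minimal DNS query: 12-byte header with QDCOUNT=1, then one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_qname(name) + struct.pack("!HH", qtype, 1)


def tcp_frame(message: bytes) -> bytes:
    """Over TCP each message is prefixed with its 16-bit big-endian length."""
    return struct.pack("!H", len(message)) + message


def decode_qname(message: bytes, offset: int):
    labels = []
    while True:
        if offset >= len(message):
            raise ValueError("truncated name")
        length = message[offset]
        if length == 0:
            return ".".join(labels), offset + 1
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a question")
        offset += 1
        if offset + length > len(message):
            raise ValueError("truncated label")
        labels.append(message[offset:offset + length].decode("ascii"))
        offset += length


def question_names(message: bytes) -> list:
    if len(message) < 12:
        raise ValueError("short header")
    qdcount = struct.unpack_from("!H", message, 4)[0]
    names, offset = [], 12
    for _ in range(qdcount):
        name, offset = decode_qname(message, offset)
        offset += 4  # QTYPE + QCLASS
        names.append(name)
    return names


def tcp_stream_messages(data: bytes) -> list:
    """Split a TCP payload into its length-prefixed messages."""
    messages, offset = [], 0
    while offset < len(data):
        if offset + 2 > len(data):
            raise ValueError("truncated length prefix")
        (length,) = struct.unpack_from("!H", data, offset)
        offset += 2
        if offset + length > len(data):
            raise ValueError("truncated message")
        messages.append(data[offset:offset + length])
        offset += length
    return messages


def is_allowed(qname: str, allowlist) -> bool:
    qname = qname.lower().rstrip(".")
    return any(qname == d or qname.endswith("." + d) for d in allowlist)


def filter_udp_only(payload: bytes, transport: str, allowlist) -> bool:
    """Flawed filter: knows the UDP layout only and never inspects TCP, so the
    same question wrapped in a length prefix is forwarded. True = forward."""
    if transport != "udp":
        return True
    try:
        return all(is_allowed(n, allowlist) for n in question_names(payload))
    except ValueError:
        return False


def filter_both(payload: bytes, transport: str, allowlist) -> bool:
    """Hardened filter: parses each transport's framing and fails closed."""
    try:
        if transport == "udp":
            messages = [payload]
        elif transport == "tcp":
            messages = tcp_stream_messages(payload)
        else:
            return False
        names = [n for m in messages for n in question_names(m)]
    except ValueError:
        return False
    return bool(names) and all(is_allowed(n, allowlist) for n in names)


if __name__ == "__main__":
    exfil = build_query(EXFIL_NAME)
    print("udp-only filter, UDP:", filter_udp_only(exfil, "udp", ALLOWLIST))
    print("udp-only filter, TCP:", filter_udp_only(tcp_frame(exfil), "tcp", ALLOWLIST))
    print("both-transport filter, TCP:", filter_both(tcp_frame(exfil), "tcp", ALLOWLIST))
```

Real enforcement sits at the packet or socket layer and has to cope with TCP segmentation and reassembly, which this byte-level model skips; the point it keeps is that the policy must be applied to every transport the resolver path accepts, and that unparseable traffic is dropped rather than forwarded.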