9.6
CVE-2025-54982 - SAML 2.0 Public Key Validation Issue
An improper verification of cryptographic signature in Zscaler's SAML authentication mechanism on the server-side allowed an authentication abuse.
6.9
CVE-2025-8547 - atjiu pybbs Email Verification improper authorization
A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the pu…
6.9
CVE-2025-8546 - atjiu pybbs Verification Code login Captcha
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been disclo…
7.5
CVE-2025-54868 - LibreChat exposes arbitrary chats through Meilisearch engine
LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint allows reading arbitrary chats directly from the Meilisearch engine. The endpoint /api/search/test allows for direct access to stored chats in the Meilisearch engine without prope…
4.8
CVE-2025-8545 - Portabilis i-Educar educar_motivo_afastamento_cad.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /intranet/educar_motivo_afastamento_cad.php. The manipulation of the argument nm_motivo leads to cross site scripting. The attack may be…
4.8
CVE-2025-8544 - Portabilis i-Educar edit cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar 2.10. Affected by this vulnerability is an unknown functionality of the file /module/RegraAvaliacao/edit. The manipulation of the argument nome leads to cross site scripting. The attack can be launched remotely. The exploit …
4.8
CVE-2025-8543 - Portabilis i-Educar educar_raca_cad.php cross site scripting
A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. Affected is an unknown function of the file /intranet/educar_raca_cad.php. The manipulation of the argument nm_raca leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been…
4.8
CVE-2025-8542 - Portabilis i-Educar empresas_cad.php cross site scripting
A vulnerability was found in Portabilis i-Educar 2.10. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/empresas_cad.php. The manipulation of the argument fantasia/razao_social leads to cross site scripting. The attack may be initiated remotely. The…
4.8
CVE-2025-8541 - Portabilis i-Educar public_uf_cad.php cross site scripting
A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /intranet/public_uf_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack can be initiated remotely. The exploit has bee…
9.3
CVE-2025-53417 - File Parsing Deserialization of Untrusted Data in DTM Soft
DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability