6.1
CVE-2025-70032 -
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
7.5
CVE-2025-70059 -
An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in YMFE yapi v1.12.0 and allows attackers to cause a denial of service.
6.1
CVE-2025-70037 -
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code.
6.2
CVE-2025-69648 - binutils: infinite loop in readelf via crafted binary with malformed DWARF .debug_rnglists data
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a β¦
6.2
CVE-2025-69647 - binutils: infinite loop in readelf via crafted binary with malformed DWARF loclists data
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounβ¦
8.8
CVE-2025-70038 -
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code.
5.3
CVE-2026-3789 - Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request foβ¦
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl resultβ¦
5.3
CVE-2026-3788 - Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side β¦
A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the β¦
7.3
CVE-2026-3787 - UltraVNC Windows Service cryptbase.dll uncontrolled search path
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. Tβ¦
5.3
CVE-2026-3786 - EasyCMS Request Parameter RbacuserAction.class.php sql injection
A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument _order results in sql injection. The attack can be launched remotely. The exploit β¦