Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
3313 vulnerabilities
CVE-2026-4276 (GCVE-0-2026-4276)
Vulnerability from cvelistv5 – Published: 2026-03-16 15:31 – Updated: 2026-03-17 17:15
VLAI?
Title
LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries.
Summary
LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries.
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-16T16:22:47.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/624941"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-4276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-17T17:14:14.174075Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T17:15:16.494Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RAG API",
"vendor": "LibreChat",
"versions": [
{
"status": "affected",
"version": "0.7.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-20 Improper Input Validation",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-117 Improper Output Neutralization for Logs",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:31:35.542Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://kb.cert.org/vuls/id/624941"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries.",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-4276"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-4276",
"datePublished": "2026-03-16T15:31:35.542Z",
"dateReserved": "2026-03-16T15:25:58.025Z",
"dateUpdated": "2026-03-17T17:15:16.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3989 (GCVE-0-2026-3989)
Vulnerability from cvelistv5 – Published: 2026-03-12 11:37 – Updated: 2026-03-16 18:21
VLAI?
Title
CVE-2026-3989
Summary
SGLangs `replay_request_dump.py` contains an insecure pickle.load() without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script.
Severity ?
7.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-3989",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T18:21:15.871965Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T18:21:27.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SGLang",
"vendor": "SGLang",
"versions": [
{
"lessThanOrEqual": "0.5.9",
"status": "affected",
"version": "0.5.5",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SGLangs `replay_request_dump.py` contains an insecure pickle.load() without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T11:37:48.314Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/sgl-project/sglang/blob/main/scripts/playground/replay_request_dump.py"
},
{
"url": "https://orca.security/resources/blog/sglang-llm-framework-rce-vulnerabilities/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2026-3989",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-3989"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-3989",
"datePublished": "2026-03-12T11:37:48.314Z",
"dateReserved": "2026-03-11T16:41:06.512Z",
"dateUpdated": "2026-03-16T18:21:27.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3060 (GCVE-0-2026-3060)
Vulnerability from cvelistv5 – Published: 2026-03-12 11:37 – Updated: 2026-03-12 14:21
VLAI?
Title
CVE-2026-3060
Summary
SGLang' encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads() without authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-3060",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T14:20:47.695650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T14:21:19.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SGLang",
"vendor": "SGLang",
"versions": [
{
"lessThanOrEqual": "0.5.9",
"status": "affected",
"version": "0.5.5",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SGLang\u0027 encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads() without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T11:37:37.009Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/sgl-project/sglang/blob/main/python/sglang/srt/disaggregation/encode_receiver.py"
},
{
"url": "https://orca.security/resources/blog/sglang-llm-framework-rce-vulnerabilities/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2026-3060",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-3060"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-3060",
"datePublished": "2026-03-12T11:37:37.009Z",
"dateReserved": "2026-02-23T18:17:34.976Z",
"dateUpdated": "2026-03-12T14:21:19.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3059 (GCVE-0-2026-3059)
Vulnerability from cvelistv5 – Published: 2026-03-12 11:37 – Updated: 2026-03-12 14:26
VLAI?
Title
CVE-2026-3059
Summary
SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-3059",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T14:26:09.705237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T14:26:54.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SGLang",
"vendor": "SGLang",
"versions": [
{
"lessThanOrEqual": "0.5.9",
"status": "affected",
"version": "0.5.5",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SGLang\u0027s multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T11:37:25.713Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/sgl-project/sglang/security/advisories/GHSA-3cp7-c6q2-94xr"
},
{
"url": "https://github.com/sgl-project/sglang/blob/main/python/sglang/multimodal_gen/runtime/scheduler_client.py"
},
{
"url": "https://orca.security/resources/blog/sglang-llm-framework-rce-vulnerabilities/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2026-3059",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-3059"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-3059",
"datePublished": "2026-03-12T11:37:25.713Z",
"dateReserved": "2026-02-23T18:17:22.540Z",
"dateUpdated": "2026-03-12T14:26:54.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13476 (GCVE-0-2025-13476)
Vulnerability from cvelistv5 – Published: 2026-03-05 16:53 – Updated: 2026-03-06 10:36
VLAI?
Title
Rakuten Viber uses broken or risky cryptographic Algorithm
Summary
Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)
Severity ?
9.8 (Critical)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Rakuten Viber | Rakuten Viber Cloak - Android |
Affected:
25.7.2.0g , < 27.2.0.0g
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-05T18:35:24.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/772695"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-13476",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-06T10:34:45.858741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T10:36:09.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Viber Cloak - Android",
"vendor": "Rakuten Viber",
"versions": [
{
"lessThan": "27.2.0.0g",
"status": "affected",
"version": "25.7.2.0g",
"versionType": "custom"
}
]
},
{
"product": "Rakuten Viber Cloak - Windows",
"vendor": "Rakuten Viber",
"versions": [
{
"lessThan": "v27.3.0.0",
"status": "affected",
"version": "v25.6.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0\u2013v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-693",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T16:53:32.465Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.viber.com/en/download/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rakuten Viber uses broken or risky cryptographic Algorithm",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13476"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-13476",
"datePublished": "2026-03-05T16:53:32.465Z",
"dateReserved": "2025-11-20T12:38:19.605Z",
"dateUpdated": "2026-03-06T10:36:09.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2256 (GCVE-0-2026-2256)
Vulnerability from cvelistv5 – Published: 2026-03-02 20:09 – Updated: 2026-03-03 20:07
VLAI?
Title
Command injection vulnerability in ModelScope's ms-agent
Summary
A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.
Severity ?
6.5 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ModelScope | ms-agent |
Affected:
0 , ≤ v1.6.0rc1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-02T21:10:07.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/431821"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2256",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T20:06:53.906869Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T20:07:24.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ms-agent",
"vendor": "ModelScope",
"versions": [
{
"lessThanOrEqual": "v1.6.0rc1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability in ModelScope\u0027s ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T20:09:11.808Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/modelscope/ms-agent"
},
{
"url": "https://www.hiddenlayer.com/research/indirect-prompt-injection-of-claude-computer-use"
},
{
"url": "https://medium.com/@itamar.yochpaz/cve-2026-2256-from-ai-prompt-to-full-system-compromise-a4114c718326"
},
{
"url": "https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command injection vulnerability in ModelScope\u0027s ms-agent",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-2256"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-2256",
"datePublished": "2026-03-02T20:09:11.808Z",
"dateReserved": "2026-02-09T15:23:17.916Z",
"dateUpdated": "2026-03-03T20:07:24.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1774 (GCVE-0-2026-1774)
Vulnerability from cvelistv5 – Published: 2026-02-10 15:38 – Updated: 2026-02-11 14:44
VLAI?
Title
CASL Ability, versions 2.4.0 through 6.7.4, contains a prototype pollution vulnerability.
Summary
CASL Ability, versions 2.4.0 through 6.7.4, contains a prototype pollution vulnerability.
Severity ?
9.8 (Critical)
CWE
- CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CASL Ability | CASL Ability |
Affected:
2.4.0 , ≤ 6.7.4
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-02-10T16:22:54.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/458422"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-1774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T14:43:52.840334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T14:44:50.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CASL Ability",
"vendor": "CASL Ability",
"versions": [
{
"lessThanOrEqual": "6.7.4",
"status": "affected",
"version": "2.4.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CASL Ability, versions 2.4.0 through 6.7.4, contains a prototype pollution vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T15:59:23.902Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/stalniy/casl/tree/master/packages/casl-ability"
},
{
"url": "https://cwe.mitre.org/data/definitions/1321.html"
},
{
"url": "https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/Prototype_pollution"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CASL Ability, versions 2.4.0 through 6.7.4, contains a prototype pollution vulnerability.",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-1774"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-1774",
"datePublished": "2026-02-10T15:38:03.265Z",
"dateReserved": "2026-02-02T17:01:20.831Z",
"dateUpdated": "2026-02-11T14:44:50.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-57784 (GCVE-0-2025-57784)
Vulnerability from cvelistv5 – Published: 2026-01-26 17:47 – Updated: 2026-01-26 20:52
VLAI?
Title
Tomahawk authentication timing attack due to usage of 'strcmp'
Summary
Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client.
Severity ?
4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hiawatha | Hiawatha Web server |
Affected:
11.7 , ≤ 8.5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-57784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-26T20:51:24.745237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T20:52:06.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Hiawatha Web server",
"vendor": "Hiawatha",
"versions": [
{
"lessThanOrEqual": "8.5",
"status": "affected",
"version": "11.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-208 Observable Timing Discrepancy",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T17:47:19.382Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/tomahawk.c?ref_type=heads#L429"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Tomahawk authentication timing attack due to usage of \u0027strcmp\u0027",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-57784"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-57784",
"datePublished": "2026-01-26T17:47:19.382Z",
"dateReserved": "2025-08-19T17:36:13.586Z",
"dateUpdated": "2026-01-26T20:52:06.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-57785 (GCVE-0-2025-57785)
Vulnerability from cvelistv5 – Published: 2026-01-26 17:46 – Updated: 2026-01-26 20:54
VLAI?
Title
Double free in XSLT in 'show_index'
Summary
A Double Free in XSLT `show_index` has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution.
Severity ?
6.5 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hiawatha | Hiawatha Web server |
Affected:
11.47 , ≤ 10.8.2
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-57785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-26T20:53:37.495097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T20:54:04.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Hiawatha Web server",
"vendor": "Hiawatha",
"versions": [
{
"lessThanOrEqual": "10.8.2",
"status": "affected",
"version": "11.47",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Double Free in XSLT `show_index` has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-415 Double Free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T17:46:09.707Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/xslt.c?ref_type=heads#L675"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Double free in XSLT in \u0027show_index\u0027",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-57785"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-57785",
"datePublished": "2026-01-26T17:46:09.707Z",
"dateReserved": "2025-08-19T17:36:13.586Z",
"dateUpdated": "2026-01-26T20:54:04.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-57783 (GCVE-0-2025-57783)
Vulnerability from cvelistv5 – Published: 2026-01-26 17:45 – Updated: 2026-01-26 20:55
VLAI?
Title
Improper header parsing may lead to request smuggling
Summary
Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver.
Severity ?
5.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hiawatha | Hiawatha Web server |
Affected:
11.7 , ≤ 8.5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-57783",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-26T20:54:38.078522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T20:55:04.568Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Hiawatha Web server",
"vendor": "Hiawatha",
"versions": [
{
"lessThanOrEqual": "8.5",
"status": "affected",
"version": "11.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T17:45:36.947Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/http.c?ref_type=heads#L205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper header parsing may lead to request smuggling",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-57783"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-57783",
"datePublished": "2026-01-26T17:45:36.947Z",
"dateReserved": "2025-08-19T17:36:13.585Z",
"dateUpdated": "2026-01-26T20:55:04.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0622 (GCVE-0-2026-0622)
Vulnerability from cvelistv5 – Published: 2026-01-20 19:56 – Updated: 2026-01-21 16:47
VLAI?
Title
Open 5GS WebUI uses a hard-coded JWT signing key
Summary
Open 5GS WebUI uses a hard-coded JWT signing key (change-me) whenever the environment variable JWT_SECRET_KEY is unset
Severity ?
6.5 (Medium)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-01-20T20:27:10.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/458022"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-0622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T16:47:23.984803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:47:50.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "open5GS",
"vendor": "NewPlane",
"versions": [
{
"lessThanOrEqual": "2.7.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open 5GS WebUI uses a hard-coded JWT signing key (change-me) whenever the environment variable JWT_SECRET_KEY is unset"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T19:59:58.794Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/open5gs/open5gs/issues/2264"
},
{
"url": "https://github.com/open5gs/open5gs/issues/856"
},
{
"url": "https://github.com/open5gs/open5gs/pull/857"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Open 5GS WebUI uses a hard-coded JWT signing key",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-0622"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-0622",
"datePublished": "2026-01-20T19:56:04.996Z",
"dateReserved": "2026-01-05T20:12:06.482Z",
"dateUpdated": "2026-01-21T16:47:50.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1245 (GCVE-0-2026-1245)
Vulnerability from cvelistv5 – Published: 2026-01-20 18:50 – Updated: 2026-01-21 17:10
VLAI?
Title
CVE-2026-1245
Summary
A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without sanitization, enabling attackers to execute arbitrary code in the context of the Node.js process.
Severity ?
6.5 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| binary-parser | binary-parser |
Affected:
0 , < 2.3.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-01-20T20:23:29.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/102648"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-1245",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T16:44:44.620209Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:45:09.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "binary-parser",
"vendor": "binary-parser",
"versions": [
{
"lessThan": "2.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without sanitization, enabling attackers to execute arbitrary code in the context of the Node.js process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u2018Eval Injection\u2019)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T17:10:56.426Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/keichi/binary-parser/pull/283"
},
{
"url": "https://github.com/keichi/binary-parser"
},
{
"url": "https://www.npmjs.com/package/binary-parser"
},
{
"url": "https://kb.cert.org/vuls/id/102648"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2026-1245",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-1245"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-1245",
"datePublished": "2026-01-20T18:50:34.232Z",
"dateReserved": "2026-01-20T18:48:57.730Z",
"dateUpdated": "2026-01-21T17:10:56.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14369 (GCVE-0-2025-14369)
Vulnerability from cvelistv5 – Published: 2026-01-20 11:49 – Updated: 2026-01-20 14:33
VLAI?
Title
CVE-2025-14369
Summary
dr_flac, an audio decoder within the dr_libs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool.
Severity ?
5.5 (Medium)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-01-20T13:19:03.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/924114"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-14369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T14:29:15.620915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T14:33:15.550Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "dr_flac",
"vendor": "mackron",
"versions": [
{
"lessThanOrEqual": "0.13.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "dr_flac, an audio decoder within the dr_libs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T11:49:08.348Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/mackron/dr_libs/commit/b2197b2eb7bb609df76315bebf44db4ec2a1aed0"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-14369",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-14369"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-14369",
"datePublished": "2026-01-20T11:49:08.348Z",
"dateReserved": "2025-12-09T18:31:22.317Z",
"dateUpdated": "2026-01-20T14:33:15.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0615 (GCVE-0-2026-0615)
Vulnerability from cvelistv5 – Published: 2026-01-16 12:47 – Updated: 2026-01-16 14:38
VLAI?
Title
CVE-2026-0615
Summary
The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions.
Severity ?
7.3 (High)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TheLibrarian | TheLibrarian.io |
Affected:
0 , ≤ 1.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-0615",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T14:38:33.181564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T14:38:37.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "TheLibrarian.io",
"vendor": "TheLibrarian",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Librarian `supervisord` status page can be retrieved by the `web_fetch` tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T12:47:27.747Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "http://mindgard.ai/blog/thelibrarian-ios-ai-security-"
},
{
"url": "https://thelibrarian.io/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2026-0615",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-0615"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-0615",
"datePublished": "2026-01-16T12:47:27.747Z",
"dateReserved": "2026-01-05T17:41:40.682Z",
"dateUpdated": "2026-01-16T14:38:37.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0616 (GCVE-0-2026-0616)
Vulnerability from cvelistv5 – Published: 2026-01-16 12:46 – Updated: 2026-01-16 21:40
VLAI?
Title
CVE-2026-0616
Summary
TheLibrarians web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions.
Severity ?
7.5 (High)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TheLibrarian | TheLibrarian.io |
Affected:
0 , ≤ 1.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-0616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T21:39:40.680029Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T21:40:36.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "TheLibrarian.io",
"vendor": "TheLibrarian",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TheLibrarians web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T12:46:58.266Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://mindgard.ai/blog/thelibrarian-ios-ai-security-disclosure"
},
{
"url": "https://thelibrarian.io/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2026-0616",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-0616"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-0616",
"datePublished": "2026-01-16T12:46:58.266Z",
"dateReserved": "2026-01-05T17:42:09.153Z",
"dateUpdated": "2026-01-16T21:40:36.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0613 (GCVE-0-2026-0613)
Vulnerability from cvelistv5 – Published: 2026-01-16 12:46 – Updated: 2026-01-16 21:41
VLAI?
Title
CVE-2026-0613
Summary
The Librarian contains an internal port scanning vulnerability, facilitated by the `web_fetch` tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has fixed the vulnerability in all affected versions.
Severity ?
7.5 (High)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TheLibrarian | TheLibrarian.io |
Affected:
0 , ≤ 1.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-0613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T21:41:27.699155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T21:41:53.497Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "TheLibrarian.io",
"vendor": "TheLibrarian",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Librarian contains an internal port scanning vulnerability, facilitated by the `web_fetch` tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has fixed the vulnerability in all affected versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T12:46:02.733Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://mindgard.ai/blog/thelibrarian-ios-ai-security-disclosure"
},
{
"url": "https://thelibrarian.io/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2026-0613",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-0613"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-0613",
"datePublished": "2026-01-16T12:46:02.733Z",
"dateReserved": "2026-01-05T17:40:07.817Z",
"dateUpdated": "2026-01-16T21:41:53.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0612 (GCVE-0-2026-0612)
Vulnerability from cvelistv5 – Published: 2026-01-16 12:44 – Updated: 2026-01-16 21:42
VLAI?
Title
CVE-2026-0612
Summary
The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian.
Severity ?
7.5 (High)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TheLibrarian | TheLibrarian.io |
Affected:
0 , ≤ 1.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-0612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T21:42:18.745012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T21:42:52.062Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "TheLibrarian.io",
"vendor": "TheLibrarian",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions of TheLibrarian."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T12:44:59.806Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "http://mindgard.ai/blog/thelibrarian-ios-ai-security-"
},
{
"url": "https://thelibrarian.io/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2026-0612",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2026-0612"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2026-0612",
"datePublished": "2026-01-16T12:44:59.806Z",
"dateReserved": "2026-01-05T17:39:25.528Z",
"dateUpdated": "2026-01-16T21:42:52.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14894 (GCVE-0-2025-14894)
Vulnerability from cvelistv5 – Published: 2026-01-16 12:43 – Updated: 2026-01-16 21:44
VLAI?
Title
CVE-2025-14894
Summary
Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup process within Laravel applications has been completed.
Severity ?
7.5 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bee interactive | Livewire Filemanager |
Affected:
0 , < 1.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-01-16T15:04:56.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/650657"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-14894",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T21:43:37.648938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T21:44:06.442Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Livewire Filemanager",
"vendor": "bee interactive",
"versions": [
{
"lessThan": "1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup process within Laravel applications has been completed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T12:43:14.264Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/livewire-filemanager/filemanager"
},
{
"url": "https://hackingbydoing.wixsite.com/hackingbydoing/post/unauthenticated-rce-in-livewire-filemanager"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-14894",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-14894"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-14894",
"datePublished": "2026-01-16T12:43:14.264Z",
"dateReserved": "2025-12-18T16:01:40.573Z",
"dateUpdated": "2026-01-16T21:44:06.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14598 (GCVE-0-2025-14598)
Vulnerability from cvelistv5 – Published: 2026-01-09 12:14 – Updated: 2026-01-09 15:52
VLAI?
Title
CVE-2025-14598
Summary
BeeS Software Solutions BET Portal contains an SQL injection vulnerability in the login functionality of affected sites. The vulnerability enables arbitrary SQL commands to be executed on the backend database.
Severity ?
9.8 (Critical)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BeeS Software Solutions | BET ePortal |
Affected:
0 , < ePortal : Secure Build (October 2025)
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-01-09T13:15:54.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/361400"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-14598",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T15:46:39.443257Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T15:52:06.157Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BET ePortal",
"vendor": "BeeS Software Solutions",
"versions": [
{
"lessThan": "ePortal : Secure Build (October 2025)",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BeeS Software Solutions BET Portal contains an SQL injection vulnerability in the login functionality of affected sites. The vulnerability enables arbitrary SQL commands to be executed on the backend database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T12:14:06.932Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://cloudilyaerp.com/"
},
{
"url": "https://afnaan.me/cve/cve-2025-14598"
},
{
"url": "https://github.com/Afnaan-Ahmed/CVE-2025-14598"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-14598",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-14598"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-14598",
"datePublished": "2026-01-09T12:14:06.932Z",
"dateReserved": "2025-12-12T17:31:41.755Z",
"dateUpdated": "2026-01-09T15:52:06.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13151 (GCVE-0-2025-13151)
Vulnerability from cvelistv5 – Published: 2026-01-07 21:14 – Updated: 2026-01-20 17:08
VLAI?
Title
CVE-2025-13151
Summary
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.
Severity ?
7.5 (High)
CWE
Assigner
References
Credits
This issue was reported Benny Zelster from Microsoft Security Research
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-13151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T21:32:59.782767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T21:33:12.865Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-01-20T17:08:41.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/01/08/5"
},
{
"url": "https://www.kb.cert.org/vuls/id/271649"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libtasn1",
"vendor": "GnuTLS",
"versions": [
{
"lessThanOrEqual": "4.20.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This issue was reported Benny Zelster from Microsoft Security Research"
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T21:15:56.927Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "Source Code Respoitory",
"url": "https://gitlab.com/gnutls/libtasn1"
},
{
"name": "Proposed Pull Request",
"tags": [
"patch"
],
"url": "https://gitlab.com/gnutls/libtasn1/-/merge_requests/121"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2025-13151",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13151"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-13151",
"datePublished": "2026-01-07T21:14:05.223Z",
"dateReserved": "2025-11-13T21:14:53.973Z",
"dateUpdated": "2026-01-20T17:08:41.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14026 (GCVE-0-2025-14026)
Vulnerability from cvelistv5 – Published: 2026-01-06 14:45 – Updated: 2026-01-06 16:04
VLAI?
Title
Vulnerable Python version used in Forcepoint One DLP Client
Summary
Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code execution. It was demonstrated that these restrictions could be bypassed.
Severity ?
7.8 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Forcepoint | Forcepoint One Endpoint (F1E) |
Affected:
23.11
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-14026",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T15:19:38.095565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T15:49:19.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-01-06T16:04:41.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/420440"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Forcepoint One Endpoint (F1E)",
"vendor": "Forcepoint",
"versions": [
{
"status": "affected",
"version": "23.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code execution. It was demonstrated that these restrictions could be bypassed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-1104 Use of Unmaintained Third-Party Components",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-1395 Dependency on a Vulnerable Third-Party Component",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-676 Use of Potentially Dangerous Function",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T14:46:30.519Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://support.forcepoint.com/s/article/000042256"
},
{
"url": "https://kb.cert.org/vuls/id/420440"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Vulnerable Python version used in Forcepoint One DLP Client",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-14026"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-14026",
"datePublished": "2026-01-06T14:45:29.207Z",
"dateReserved": "2025-12-04T13:44:38.515Z",
"dateUpdated": "2026-01-06T16:04:41.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13184 (GCVE-0-2025-13184)
Vulnerability from cvelistv5 – Published: 2025-12-10 12:34 – Updated: 2025-12-10 15:21
VLAI?
Title
Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password
Summary
Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.6369_B20230113 (arbitrary command execution). Earlier versions that share the same implementation, may also be affected.
Severity ?
9.8 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Toto Link | X5000R's (AX1800 router) |
Affected:
0 , < V9.1.0u.6369_B20230113
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-12-10T13:17:29.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/821724"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-13184",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T15:17:58.730787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T15:21:20.666Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "X5000R\u0027s (AX1800 router)",
"vendor": "Toto Link",
"versions": [
{
"lessThan": "V9.1.0u.6369_B20230113",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.6369_B20230113 (arbitrary command execution). Earlier versions that share the same implementation, may also be affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T14:16:27.983Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://hackingbydoing.wixsite.com/hackingbydoing/post/totolink-x5000r-ax1800-router-authentication-bypass"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password",
"x_generator": {
"engine": "VINCE 3.0.30",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13184"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-13184",
"datePublished": "2025-12-10T12:34:54.590Z",
"dateReserved": "2025-11-14T12:22:56.010Z",
"dateUpdated": "2025-12-10T15:21:20.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9613 (GCVE-0-2025-9613)
Vulnerability from cvelistv5 – Published: 2025-12-09 18:52 – Updated: 2025-12-10 17:04
VLAI?
Title
CVE-2025-9613
Summary
A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completions being delivered to the wrong security context, potentially compromising data integrity and confidentiality.
Severity ?
6.5 (Medium)
CWE
- CWE-459 - Incomplete Cleanup
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| PCI-SIG | PCI Express Integrity and Data Encryption (PCIe IDE) Specification |
Affected:
0 , < 7.1-Rev7.0
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-9613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T17:04:05.433232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T17:04:11.448Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
"vendor": "PCI-SIG",
"versions": [
{
"lessThan": "7.1-Rev7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
"vendor": "PCI-SIG",
"versions": [
{
"lessThan": "6.5-Rev7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completions being delivered to the wrong security context, potentially compromising data integrity and confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-459: Incomplete Cleanup",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:18:06.300Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://pcisig.com/specifications"
},
{
"url": "https://pcisig.com/PCIeIDEStandardVulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2025-9613",
"x_generator": {
"engine": "VINCE 3.0.30",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-9613"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-9613",
"datePublished": "2025-12-09T18:52:02.956Z",
"dateReserved": "2025-08-28T15:44:25.947Z",
"dateUpdated": "2025-12-10T17:04:11.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9614 (GCVE-0-2025-9614)
Vulnerability from cvelistv5 – Published: 2025-12-09 18:48 – Updated: 2025-12-10 20:09
VLAI?
Title
CVE-2025-9614
Summary
An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on re-keying and stream flushing during device rebinding may allow stale write transactions from a previous security context to be processed in a new one. This can lead to unintended data access across trusted domains, compromising confidentiality and integrity.
Severity ?
6.5 (Medium)
CWE
- CWE-354 - Improper Validation of Integrity Check Value
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| PCI-SIG | PCI Express Integrity and Data Encryption (PCIe IDE) Specification |
Affected:
0 , < 6.5-Rev7.0
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-9614",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T20:09:17.808849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T20:09:20.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
"vendor": "PCI-SIG",
"versions": [
{
"lessThan": "6.5-Rev7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
"vendor": "PCI-SIG",
"versions": [
{
"lessThan": "7.1-Rev7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on re-keying and stream flushing during device rebinding may allow stale write transactions from a previous security context to be processed in a new one. This can lead to unintended data access across trusted domains, compromising confidentiality and integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-354: Improper Validation of Integrity Check Value",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:18:57.364Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://pcisig.com/specifications"
},
{
"url": "https://pcisig.com/PCIeIDEStandardVulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2025-9614",
"x_generator": {
"engine": "VINCE 3.0.30",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-9614"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-9614",
"datePublished": "2025-12-09T18:48:36.950Z",
"dateReserved": "2025-08-28T15:44:38.469Z",
"dateUpdated": "2025-12-10T20:09:20.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9612 (GCVE-0-2025-9612)
Vulnerability from cvelistv5 – Published: 2025-12-09 18:44 – Updated: 2025-12-11 14:57
VLAI?
Title
CVE-2025-9612
Summary
An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections.
Severity ?
5.1 (Medium)
CWE
- CWE-404 - Improper Resource Shutdown or Release
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| PCI-SIG | PCI Express Integrity and Data Encryption (PCIe IDE) Specification |
Affected:
0 , < 7.1-Rev7.0
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-9612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T14:57:05.743440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T14:57:09.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://kb.cert.org/vuls/id/404544"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
"vendor": "PCI-SIG",
"versions": [
{
"lessThan": "7.1-Rev7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "PCI Express Integrity and Data Encryption (PCIe IDE) Specification",
"vendor": "PCI-SIG",
"versions": [
{
"lessThan": "6.5-Rev7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical attackers on the PCIe bus to violate data integrity protections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-404: Improper Resource Shutdown or Release",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:17:42.005Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://pcisig.com/specifications"
},
{
"url": "https://pcisig.com/PCIeIDEStandardVulnerabilities"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2025-9612",
"x_generator": {
"engine": "VINCE 3.0.30",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-9612"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-9612",
"datePublished": "2025-12-09T18:44:59.620Z",
"dateReserved": "2025-08-28T15:44:11.594Z",
"dateUpdated": "2025-12-11T14:57:09.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13654 (GCVE-0-2025-13654)
Vulnerability from cvelistv5 – Published: 2025-12-05 12:42 – Updated: 2026-01-29 18:04
VLAI?
Title
CVE-2025-13654
Summary
A stack buffer overflow vulnerability exists in the buffer_get function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read.
Severity ?
7.5 (High)
CWE
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-01-29T18:04:54.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/441887"
},
{
"url": "https://github.com/zevv/duc/commit/8638c4365ffd9e1966bdef8af6339dbee8c17e66"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-13654",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-05T19:30:56.374589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T19:31:20.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Duc",
"vendor": "Duc",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack buffer overflow vulnerability exists in the buffer_get function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-121",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T12:44:20.899Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/zevv/duc/releases/tag/1.4.6"
},
{
"url": "https://kb.cert.org/vuls/id/441887"
},
{
"url": "https://hackingbydoing.wixsite.com/hackingbydoing/post/stack-buffer-overflow-in-duc"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-13654",
"x_generator": {
"engine": "VINCE 3.0.30",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13654"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-13654",
"datePublished": "2025-12-05T12:42:21.027Z",
"dateReserved": "2025-11-25T13:18:59.006Z",
"dateUpdated": "2026-01-29T18:04:54.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11699 (GCVE-0-2025-11699)
Vulnerability from cvelistv5 – Published: 2025-12-01 15:17 – Updated: 2025-12-01 18:45
VLAI?
Title
CVE-2025-11699
Summary
nopCommerce v4.70 and prior, and version 4.80.3, does not invalidate session cookies after logout or session termination, allowing an attacker who has a
a valid session cookie access to privileged endpoints (such as /admin) even after the legitimate user has logged out, enabling session hijacking. Any version above 4.70 that is not 4.80.3 fixes the vulnerability.
Severity ?
7.1 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| nopSolutions | nopCommerce |
Affected:
4.80.3 , ≤ 4.80.4
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-12-01T17:05:40.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/633103"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-11699",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T18:42:12.485040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T18:45:07.246Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nopCommerce",
"vendor": "nopSolutions",
"versions": [
{
"lessThanOrEqual": "4.80.4",
"status": "affected",
"version": "4.80.3",
"versionType": "custom"
}
]
},
{
"product": "nopCommerce",
"vendor": "nopSolutions",
"versions": [
{
"lessThan": "4.70",
"status": "affected",
"version": "4.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "nopCommerce v4.70 and prior, and version 4.80.3, does not invalidate session cookies after logout or session termination, allowing an attacker who has a \r\na valid session cookie access to privileged endpoints (such as /admin) even after the legitimate user has logged out, enabling session hijacking. Any version above 4.70 that is not 4.80.3 fixes the vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T15:17:57.842Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2025/Aug/14"
},
{
"url": "https://github.com/nopSolutions/nopCommerce/issues/7044"
},
{
"url": "https://www.nopcommerce.com/en/release-notes?srsltid=AfmBOoravPKjN19pm_XZbXZ7GvPhkt8cxlK6794BJRZlY5RxJU_yNoTT"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-11699",
"x_generator": {
"engine": "VINCE 3.0.29",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-11699"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-11699",
"datePublished": "2025-12-01T15:17:57.842Z",
"dateReserved": "2025-10-13T16:24:26.286Z",
"dateUpdated": "2025-12-01T18:45:07.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12816 (GCVE-0-2025-12816)
Vulnerability from cvelistv5 – Published: 2025-11-25 19:15 – Updated: 2025-11-25 21:04
VLAI?
Title
CVE-2025-12816
Summary
An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.
Severity ?
No CVSS data available.
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Digital Bazaar | node-forge |
Affected:
0 , ≤ 1.3.1
(semver)
|
|||||||
|
|||||||||
Credits
This issue was reported by Hunter Wodzenski of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-12816",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T20:21:37.225634Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T20:24:22.734Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-25T21:04:09.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/521113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "node-forge",
"vendor": "Digital Bazaar",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"product": "forge",
"vendor": "Digital Bazaar",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This issue was reported by Hunter Wodzenski of Palo Alto Networks"
}
],
"descriptions": [
{
"lang": "en",
"value": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions."
}
],
"metrics": [
{
"other": {
"content": {
"schemaVersion": "2.0.0",
"selections": [
{
"definition": "The present state of exploitation of the vulnerability.",
"key": "E",
"name": "Exploitation",
"namespace": "ssvc",
"values": [
{
"key": "P",
"name": "Public PoC"
}
],
"version": "1.1.0"
},
{
"definition": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
"key": "A",
"name": "Automatable",
"namespace": "ssvc",
"values": [
{
"key": "N",
"name": "No"
}
],
"version": "2.0.0"
},
{
"definition": "The technical impact of the vulnerability.",
"key": "TI",
"name": "Technical Impact",
"namespace": "ssvc",
"values": [
{
"key": "P",
"name": "Partial"
}
],
"version": "1.0.0"
}
],
"timestamp": "2025-11-07T15:47:01.238Z"
},
"type": "ssvcV2_0_0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-436 Interpretation Conflict",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T19:29:31.487Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.npmjs.com/package/node-forge"
},
{
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"url": "https://github.com/digitalbazaar/forge"
},
{
"name": "CERT/CC Vulnerability Notice",
"tags": [
"third-party-advisory"
],
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"name": "Github Security Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2025-12816",
"x_generator": {
"engine": "VINCE 3.0.29",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-12816"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-12816",
"datePublished": "2025-11-25T19:15:50.243Z",
"dateReserved": "2025-11-06T17:11:38.255Z",
"dateUpdated": "2025-11-25T21:04:09.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12978 (GCVE-0-2025-12978)
Vulnerability from cvelistv5 – Published: 2025-11-24 14:42 – Updated: 2026-01-07 15:36
VLAI?
Title
CVE-2025-12978
Summary
Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins contain a flaw in the tag_key validation logic that fails to enforce exact key-length matching. This allows crafted inputs where a tag prefix is incorrectly treated as a full match. A remote attacker with authenticated or exposed access to these input endpoints can exploit this behavior to manipulate tags and redirect records to unintended destinations. This compromises the authenticity of ingested logs and can allow injection of forged data, alert flooding and routing manipulation.
Severity ?
5.4 (Medium)
CWE
- CWE-187 - Partial String Comparison
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FluentBit | Fluent Bit |
Affected:
0 , < 4.0.12
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-12978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T15:29:03.000953Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T15:29:06.000Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fluent Bit",
"vendor": "FluentBit",
"versions": [
{
"lessThan": "4.0.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins contain a flaw in the tag_key validation logic that fails to enforce exact key-length matching. This allows crafted inputs where a tag prefix is incorrectly treated as a full match. A remote attacker with authenticated or exposed access to these input endpoints can exploit this behavior to manipulate tags and redirect records to unintended destinations. This compromises the authenticity of ingested logs and can allow injection of forged data, alert flooding and routing manipulation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-187: Partial String Comparison",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T15:36:44.975Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://fluentbit.io/announcements/v4.1.0/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-12978",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-12978"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-12978",
"datePublished": "2025-11-24T14:42:06.305Z",
"dateReserved": "2025-11-10T18:57:32.141Z",
"dateUpdated": "2026-01-07T15:36:44.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12969 (GCVE-0-2025-12969)
Vulnerability from cvelistv5 – Published: 2025-11-24 14:41 – Updated: 2026-01-07 15:36
VLAI?
Title
CVE-2025-12969
Summary
Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs.
Severity ?
6.5 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FluentBit | Fluent Bit |
Affected:
0 , < 4.0.13
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-12969",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T18:02:22.489781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T18:02:26.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fluent Bit",
"vendor": "FluentBit",
"versions": [
{
"lessThan": "4.0.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T15:36:49.065Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://fluentbit.io/blog/2025/10/28/security-vulnerabilities-addressed-in-fluent-bit-v4.1-and-backported-to-v4.0/"
},
{
"url": "https://www.oligo.security/blog/critical-vulnerabilities-in-fluent-bit-expose-cloud-environments-to-remote-takeover"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-12969",
"x_generator": {
"engine": "VINCE 3.0.31",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-12969"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-12969",
"datePublished": "2025-11-24T14:41:05.630Z",
"dateReserved": "2025-11-10T17:53:38.234Z",
"dateUpdated": "2026-01-07T15:36:49.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}