Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.1 CVE-2025-43531

CVE-2025-43531

A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26...

Apple iOS and iPadOS unspecified CVE
LOW 2 CVE-2025-68399

ChurchCRM has Stored Cross-Site Scripting (XSS) In GroupEditor.php

ChurchCRM is an open-source church management system. In versions prior to 6.5.4, there is a Stored Cross-Site Scripting (XSS) vulnerability within...

ChurchCRM CRM < 6.5.4 CVE
LOW 2.8 CVE-2025-65185

CVE-2025-65185

There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an O...

n/a n/a n/a CVE
LOW 3.9 CVE-2025-13326

Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store

Mattermost Desktop App versions

Mattermost Mattermost CVE
LOW 3.3 CVE-2025-13321

Mattermost Desktop App logging sensitive information and fails to clear data on server deletion

Mattermost Desktop App versions

Mattermost Mattermost CVE
LOW 1.7 CVE-2025-66646

RIOT-OS has NULL pointer dereference in gnrc_ipv6_ext_frag_reass

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded ...

RIOT-OS RIOT < 2025.10 CVE
LOW 2.6 CVE-2025-54004

WordPress WCFM – Frontend Manager for WooCommerce plugin <= 6.7.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce wc-frontend-manager allows Exploiting Incorrectly Configur...

WC Lovers WCFM – Frontend Manager for WooCommerce n/a CVE
LOW 3 CVE-2025-13352

Mattermost GitHub Plugin allows unauthorized GitHub reactions via reaction forwarding hijacking

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE
LOW 3.1 CVE-2025-62690

Open redirect in error page when link opened in new tab

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE
LOW 0.6 CVE-2025-14266

CSRF in Ercom Cryptobox administration console

CSRF in Ercom Cryptobox administration console allows attacker to trigger some actions on behalf of a Cryptobox administrator. The attack requires ...

Ercom Cryptobox 4.0.0 CVE