Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.3 CVE-2025-11884

Cross-site Scripting vulnerability discovered in OpenText™ Universal Discovery and CMDB_CVE-2025-11884

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in opentext uCMDB allows Stored XSS. The ...

OpenText™ uCMDB 24.4 CVE
LOW 3.5 CVE-2025-63292

CVE-2025-63292_CVE-2025-63292

Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmwar...

n/a n/a n/a CVE
LOW 3 CVE-2025-55074

Channel member objects leak read status_CVE-2025-55074

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE
LOW 3.8 CVE-2025-61713

CVE-2025-61713_CVE-2025-61713

A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 ...

Fortinet FortiPAM 1.6.0 CVE
LOW 3.9 CVE-2025-54972

CVE-2025-54972_CVE-2025-54972

An improper neutralization of crlf sequences ('crlf injection') in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5, FortiMail...

Fortinet FortiMail 7.6.0 CVE
LOW 3.9 CVE-2025-54971

CVE-2025-54971_CVE-2025-54971

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiADC 7.4.0, FortiADC 7.2 all versions, FortiADC 7.1 all...

Fortinet FortiADC 7.4.0 CVE
LOW 1.8 CVE-2025-54821

CVE-2025-54821_CVE-2025-54821

An Improper Privilege Management vulnerability [CWE-269] in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all version...

Fortinet FortiProxy 7.6.0 CVE
LOW 3.7 CVE-2025-13083

Drupal core – Moderately critical – Information disclosure – SA-CORE-2025-008_CVE-2025-13083

Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Contr...

Drupal Drupal core 8.0.0 CVE
LOW 3.5 CVE-2025-12761

Simple multi step form – Moderately critical – Cross-site Scripting – SA-CONTRIB-2025-116_CVE-2025-12761

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Simple multi step form allows Cross-Si...

Drupal Simple multi step form 0.0.0 CVE
LOW 3.5 CVE-2025-52639

HCL Connections is vulnerable to sensitive information disclosure_CVE-2025-52639

HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are...

HCL Software Connections 8.0 CVE