Latest CVE Feed
-
6.9
MEDIUMCVE-2025-62696
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in The Wikimedia Foundation Mediawiki Foundation - Springboard Extension allows Command Injection.This issue affects Mediawiki Foundation - Springboard Exten... Read more
Affected Products :- Published: Oct. 21, 2025
- Modified: Oct. 21, 2025
-
6.9
MEDIUMCVE-2025-62702
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - PageTriage Extension allows Stored XSS.This issue affects Mediawiki - PageTriage Extension: from master befor... Read more
Affected Products :- Published: Oct. 21, 2025
- Modified: Oct. 21, 2025
-
0.0
NACVE-2025-40005
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Implement refcount to handle unbind during busy driver support indirect read and indirect write operation with assumption no force device removal(unbind) operation... Read more
Affected Products : linux_kernel- Published: Oct. 20, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-40007
In the Linux kernel, the following vulnerability has been resolved: netfs: fix reference leak Commit 20d72b00ca81 ("netfs: Fix the request's work item to not require a ref") modified netfs_alloc_request() to initialize the reference counter to 2 instead... Read more
Affected Products : linux_kernel- Published: Oct. 20, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Denial of Service
-
5.0
MEDIUMCVE-2025-11536
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wp_ajax_import_elementor_template action. This makes it possible for authenticated attackers,... Read more
Affected Products :- Published: Oct. 20, 2025
- Modified: Oct. 21, 2025
- Vuln Type: Server-Side Request Forgery