| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2025-12390 | Org.keycloak.protocol.oidc.endpoints.logoutendpoint: offline session takeover due to reused authentication session id | Keycloak | keycloak | Medium | 6.0 | 2025-10-28 13:23:35 |
| CVE-2025-10939 | Org.keycloak/keycloak-quarkus-server: unable to restrict access to the admin console | Keycloak | keycloak | Low | 3.7 | 2025-10-28 03:08:30 |
| CVE-2025-57848 | Container-native-virtualization: privilege escalation via excessive /etc/passwd permissions | Red Hat | Red Hat OpenShift Virtualization 4 | Medium | 6.4 | 2025-10-23 20:10:31 |
| CVE-2025-12110 | Keycloak: org.keycloak:keycloak-services: user can refresh offline session even after client's offline_access scope was removed | Keycloak | keycloak | Medium | 5.4 | 2025-10-23 14:19:25 |
| CVE-2025-11429 | Keycloak-server: too long and not settings compliant session | Keycloak | keycloak | Medium | 5.4 | 2025-10-23 14:09:32 |
| CVE-2025-12105 | Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion | GNOME | libsoup | High | 7.5 | 2025-10-23 09:14:14 |
| CVE-2025-58712 | Amq: privilege escalation via excessive /etc/passwd permissions | apache | activemq-artemis | Medium | 6.4 | 2025-10-22 18:19:07 |
| CVE-2025-11568 | Luksmeta: data corruption when handling luks1 partitions with luksmeta | Latchset | luksmeta | Medium | 4.4 | 2025-10-15 19:37:12 |
| CVE-2025-9640 | Samba: vfs_streams_xattr uninitialized memory write possible | - | - | Medium | 4.3 | 2025-10-15 12:47:30 |
| CVE-2025-11731 | Libxslt: type confusion in exsltfuncresultcompfunction of libxslt | - | - | Low | 3.1 | 2025-10-14 06:02:36 |
| CVE-2025-11561 | Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems | - | - | High | 8.8 | 2025-10-09 13:37:53 |
| CVE-2025-6242 | Vllm: server side request forgery (ssrf) in mediaconnector | Red Hat | Red Hat AI Inference Server | High | 7.1 | 2025-10-07 19:45:18 |
| CVE-2025-11234 | Qemu-kvm: vnc websocket handshake use-after-free | - | - | High | 7.5 | 2025-10-03 10:30:34 |
| CVE-2025-10725 | Openshift-ai: overly permissive clusterrole allows authenticated users to escalate privileges to cluster admin | opendatahub-io | opendatahub-operator | Critical | 9.9 | 2025-09-30 17:47:09 |
| CVE-2025-7493 | Freeipa: idm: privilege escalation from host to domain admin in freeipa | Red Hat | Red Hat Enterprise Linux 10 | Critical | 9.1 | 2025-09-30 15:06:47 |
| CVE-2025-57852 | Openshift-ai: privilege escalation via excessive /etc/passwd permissions | Red Hat | Red Hat OpenShift AI 2.16 | Medium | 6.4 | 2025-09-30 14:37:10 |
| CVE-2025-11060 | Surrealdb: surrealdb is vulnerable to unauthorized data exposure via live query subscriptions | - | - | Medium | 5.7 | 2025-09-26 12:01:23 |
| CVE-2025-11021 | Libsoup: out-of-bounds read in cookie date handling of libsoup http library | - | - | High | 7.5 | 2025-09-26 08:36:19 |
| CVE-2025-60019 | Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based() | - | - | Low | 3.7 | 2025-09-25 15:53:03 |
| CVE-2025-60018 | Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()" | - | - | Medium | 4.8 | 2025-09-25 15:52:58 |