| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-53492 | Stored XSS in MintyDocs | Wikimedia Foundation | Mediawiki - MintyDocs Extension | - | - | 2025-07-02 14:41:52 | Deep Dive |
| CVE-2025-53493 | Stored XSS in MintyDocs | Wikimedia Foundation | Mediawiki - MintyDocs Extension | - | - | 2025-07-02 14:38:07 | Deep Dive |
| CVE-2025-53494 | Stored XSS in TwoColConflict | Wikimedia Foundation | Mediawiki - TwoColConflict Extension | - | - | 2025-07-02 14:24:54 | Deep Dive |
| CVE-2024-35164 | Apache Guacamole: Improper input validation of console codes | Apache Software Foundation | Apache Guacamole | Medium | 6.8 | 2025-07-02 11:23:23 | Deep Dive |
| CVE-2025-46647 | Apache APISIX: improper validation of issuer from introspection discovery url in plugin openid-connect | Apache Software Foundation | Apache APISIX | - | - | 2025-07-02 11:08:47 | Deep Dive |
| CVE-2025-32897 | Apache Seata (incubating): Deserialization of untrusted Data in Apache Seata Server | Apache Software Foundation | Apache Seata (incubating) | - | - | 2025-06-28 18:25:18 | Deep Dive |
| CVE-2025-6705 | Eclipse Open VSX 安全漏洞 | Eclipse Foundation | Eclipse Open VSX Registry | - | - | 2025-06-27 14:57:07 | Deep Dive |
| CVE-2025-50213 | Apache Airflow Providers Snowflake: Potential SQL injection in CopyFromExternalStageToSnowflakeOperator | Apache Software Foundation | Apache Airflow Providers Snowflake | - | - | 2025-06-24 07:06:53 | Deep Dive |
| CVE-2025-32896 | Apache SeaTunnel: Unauthenticated insecure access | Apache Software Foundation | Apache SeaTunnel | - | - | 2025-06-19 10:38:37 | Deep Dive |
| CVE-2025-31698 | Apache Traffic Server: Client IP address from PROXY protocol is not used for ACL | Apache Software Foundation | Apache Traffic Server | - | - | 2025-06-19 10:07:47 | Deep Dive |
| CVE-2025-49763 | Apache Traffic Server: Remote DoS via memory exhaustion in ESI Plugin | Apache Software Foundation | Apache Traffic Server | - | - | 2025-06-19 10:07:15 | Deep Dive |
| CVE-2025-6069 | HTMLParser quadratic complexity when processing malformed inputs | Python Software Foundation | CPython | Medium | 4.3 | 2025-06-17 13:39:46 | Deep Dive |
| CVE-2025-48976 | Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers | Apache Software Foundation | Apache Commons FileUpload | 中危 | - | 2025-06-16 15:00:48 | Deep Dive |
| CVE-2025-49124 | Apache Tomcat: exe side-loading via icalcs.exe in Tomcat installer for Windows | Apache Software Foundation | Apache Tomcat | - | - | 2025-06-16 14:22:16 | Deep Dive |
| CVE-2025-49125 | Apache Tomcat: Security constraint bypass for pre/post-resources | Apache Software Foundation | Apache Tomcat | 低危 | - | 2025-06-16 14:18:10 | Deep Dive |
| CVE-2025-48988 | Apache Tomcat: FileUpload large number of parts with headers DoS | Apache Software Foundation | Apache Tomcat | 中危 | - | 2025-06-16 14:13:40 | Deep Dive |
| CVE-2025-47869 | Apache NuttX RTOS: examples/xmlrpc: Fix calls buffers size. | Apache Software Foundation | Apache NuttX RTOS | - | - | 2025-06-16 11:00:38 | Deep Dive |
| CVE-2025-47868 | Apache NuttX RTOS: tools/bdf-converter.: tools/bdf-converter: Fix loop termination condition. | Apache Software Foundation | Apache NuttX RTOS: tools/bdf-converter. | - | - | 2025-06-16 11:00:05 | Deep Dive |
| CVE-2025-30675 | Apache CloudStack: Unauthorised template/ISO list access to the domain/resource admins | Apache Software Foundation | Apache CloudStack | Medium | 4.7 | 2025-06-10 23:12:24 | Deep Dive |
| CVE-2025-22829 | Apache CloudStack: Unauthorised access to dedicated resources in Quota plugin | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:11:25 | Deep Dive |