Trending now
Top 10 CVEs trending on social media within the last 24 hours.
Updated 2 minutes ago
Hypemeter current score: Soft-boiled
Each entry below lists: rank and CVE ID, vendor or product, severity (CVSS) where shown, whether an exploit is known, hype score over the last 24 hours, published date, and a description.
#1 CVE-2025-4123 (Grafana). Severity: high 7.6. Hype score: 39. Published: May 22, 2025.
CVE-2025-4123 is a cross-site scripting (XSS) vulnerability in Grafana. It chains a client-side path traversal with an open redirect in the handling of custom frontend plugins, so an attacker can send a victim to a malicious site and execute arbitrary JavaScript in the Grafana origin. Editor permissions are not required, and if anonymous access is enabled no account is needed at all. Where the Grafana Image Renderer plugin is installed, the same flaw can be escalated to a full-read server-side request forgery (SSRF), exposing internal services and cloud metadata endpoints. All supported versions of Grafana OSS and Grafana Enterprise from Grafana 8 onward are affected; until the fixed build is deployed, disabling anonymous access and removing an Image Renderer that is not needed reduce the exposure.
#2 CVE-2025-0913 (Go standard library). Hype score: 33. Published: - (no public record at capture time).
CVE-2025-0913 is a vulnerability in the os package of the Go standard library: os.OpenFile with O_CREATE|O_EXCL behaved differently on Unix and Windows when the target path was a symbolic link. On Unix the call never follows the link and fails; on Windows, when the path was a symlink to a non-existent location, OpenFile created the file at the link's target. Code that relies on O_EXCL to create a file safely (lock files, spool files, anything written into a directory other users can write to) could therefore be steered into creating a file elsewhere on Windows. Fixed in Go 1.23.10 and 1.24.4, where OpenFile now always returns an error when both flags are set and the path is a symlink; a program picks up the fix only when it is rebuilt with a patched toolchain. Summaries that attach this ID to a Depicter Slider & Popup Builder SQL injection in WordPress (the 's' parameter, versions up to 3.6.1) or to an Ashlar-Vellum Cobalt CO-file use-after-free are conflating unrelated advisories that carry their own identifiers; a CVE ID names exactly one vulnerability.
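An added example (not from the page and not Go's own code) of the behaviour the Go os.OpenFile fix published under CVE-2025-0913 enforces: a wrapper that creates a file with O_CREATE|O_EXCL but refuses any path that is a symbolic link, dangling or not, and re-checks after the open so the window between the Lstat and the create is closed. CreateExclusiveNoSymlink, ErrSymlink and Demo are names chosen here; the dangling link and the temporary directory are constructed by the example.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// ErrSymlink is returned when the target path is a symbolic link of any kind.
// (Name chosen for this example; not part of the standard library.)
var ErrSymlink = errors.New("refusing to create a file through a symlink")

// CreateExclusiveNoSymlink creates path with O_CREATE|O_EXCL and refuses to
// operate when path is a symlink, dangling or not. This mirrors what the
// Go 1.23.10 / 1.24.4 fix enforces inside os.OpenFile on every platform.
func CreateExclusiveNoSymlink(path string, perm os.FileMode) (*os.File, error) {
	// Lstat does not follow links, so a dangling link is visible here where
	// Stat would only report "does not exist".
	if fi, err := os.Lstat(path); err == nil {
		if fi.Mode()&os.ModeSymlink != 0 {
			return nil, ErrSymlink
		}
		return nil, os.ErrExist
	} else if !errors.Is(err, os.ErrNotExist) {
		return nil, err
	}

	f, err := os.OpenFile(path, os.O_CREATE|os.O_EXCL|os.O_WRONLY, perm)
	if err != nil {
		return nil, err
	}

	// Post-check for a race between Lstat and OpenFile: the name must still be
	// a non-link and must refer to the inode we hold open.
	after, err := os.Lstat(path)
	if err != nil {
		f.Close()
		return nil, err
	}
	held, err := f.Stat()
	if err != nil {
		f.Close()
		return nil, err
	}
	if after.Mode()&os.ModeSymlink != 0 || !os.SameFile(after, held) {
		f.Close()
		return nil, ErrSymlink
	}
	return f, nil
}

// Demo builds a constructed scenario in a temp dir: a dangling symlink that
// points into a directory which does not exist, plus a plain new path. It
// reports whether the link was refused and whether the plain file was created.
func Demo() (symlinkRefused, plainCreated bool, err error) {
	dir, err := os.MkdirTemp("", "excl-demo")
	if err != nil {
		return false, false, err
	}
	defer os.RemoveAll(dir)

	link := filepath.Join(dir, "dropme")
	if err = os.Symlink(filepath.Join(dir, "missing", "target"), link); err != nil {
		return false, false, err
	}
	_, linkErr := CreateExclusiveNoSymlink(link, 0o600)
	symlinkRefused = errors.Is(linkErr, ErrSymlink)

	f, plainErr := CreateExclusiveNoSymlink(filepath.Join(dir, "plain"), 0o600)
	if plainErr == nil {
		f.Close()
		plainCreated = true
	}
	return symlinkRefused, plainCreated, nil
}

func main() {
	refused, created, err := Demo()
	fmt.Printf("dangling symlink refused: %v, plain file created: %v, err: %v\n", refused, created, err)
}
```

On a patched toolchain the bare os.OpenFile call already refuses the dangling link; the wrapper matters for binaries still built with older Go, and the post-open SameFile check is what defends against a link being planted between the two calls.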
#4 CVE-2025-4673 (Go standard library). Hype score: 33. Published: - (no public record at capture time).
CVE-2025-4673 is a vulnerability in the net/http client of the Go standard library: the Proxy-Authorization and Proxy-Authenticate headers were not cleared when the client followed a redirect to a different origin, so credentials set on the initial request could be forwarded to a third-party host. Go already dropped Authorization, Cookie and WWW-Authenticate on such redirects; the two proxy headers were missing from that set. Fixed in Go 1.23.10 and 1.24.4. As with CVE-2025-0913 the fix lives in the toolchain, so every binary that follows redirects while carrying sensitive headers has to be rebuilt. The Terraform WinDNS Provider issue sometimes summarised under this ID (PowerShell command injection through unsanitised input to the windns_record resource, reachable by highly privileged authenticated users and fixed in provider version 1.0.5) is a separate advisory.
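An added example (not from the page and not Go's own code) of an application-side mitigation for the net/http redirect leak published as CVE-2025-4673: an http.Client CheckRedirect hook that strips Proxy-Authorization and the other credential headers whenever a redirect leaves the original scheme, host and port, exercised against two constructed local test servers where the first redirects to the second. sensitiveHeaders, stripOnCrossOrigin, Exchange, NewHardenedClient and NewPlainClient are names chosen here, and the Basic credential is made up. Stock Go compares hostnames without the port when deciding whether a redirect stays on the same site, so in this localhost scenario an unmodified client forwards the header even on a patched toolchain; that is why Exchange is run with both clients.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// sensitiveHeaders must never follow a redirect to another origin. Go's client
// already drops Authorization, Cookie and WWW-Authenticate when the host
// changes; Proxy-Authorization and Proxy-Authenticate were missing from that
// set before Go 1.23.10 / 1.24.4 (CVE-2025-4673).
var sensitiveHeaders = []string{
	"Authorization", "Cookie", "Proxy-Authorization", "Proxy-Authenticate", "WWW-Authenticate",
}

// sameOrigin compares scheme, host and port, which is stricter than the
// hostname-only comparison the standard client applies.
func sameOrigin(a, b *url.URL) bool {
	return strings.EqualFold(a.Scheme, b.Scheme) && strings.EqualFold(a.Host, b.Host)
}

// stripOnCrossOrigin is an http.Client.CheckRedirect hook. req is the request
// about to be sent and via[0] the original one; header edits made here are
// honoured by the client.
func stripOnCrossOrigin(req *http.Request, via []*http.Request) error {
	if len(via) >= 10 {
		return errors.New("stopped after 10 redirects")
	}
	if !sameOrigin(via[0].URL, req.URL) {
		for _, h := range sensitiveHeaders {
			req.Header.Del(h)
		}
	}
	return nil
}

// NewHardenedClient returns a client with the hook installed.
func NewHardenedClient() *http.Client { return &http.Client{CheckRedirect: stripOnCrossOrigin} }

// NewPlainClient returns a client with default redirect handling, for comparison.
func NewPlainClient() *http.Client { return &http.Client{} }

// Exchange runs the scenario with two constructed local servers: A receives the
// request carrying Proxy-Authorization and redirects to B. It returns the
// header value each server observed ("" when absent).
func Exchange(client *http.Client) (seenAtA, seenAtB string, err error) {
	b := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		seenAtB = r.Header.Get("Proxy-Authorization")
		w.WriteHeader(http.StatusOK)
	}))
	defer b.Close()
	a := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		seenAtA = r.Header.Get("Proxy-Authorization")
		http.Redirect(w, r, b.URL+"/landing", http.StatusFound)
	}))
	defer a.Close()

	req, err := http.NewRequest(http.MethodGet, a.URL+"/start", nil)
	if err != nil {
		return "", "", err
	}
	req.Header.Set("Proxy-Authorization", "Basic c3VwZXI6c2VjcmV0") // made-up credential
	resp, err := client.Do(req)
	if err != nil {
		return "", "", err
	}
	resp.Body.Close()
	return seenAtA, seenAtB, nil
}

func main() {
	for name, c := range map[string]*http.Client{"plain": NewPlainClient(), "hardened": NewHardenedClient()} {
		a, b, err := Exchange(c)
		fmt.Printf("%-8s at A=%q at B=%q err=%v\n", name, a, b, err)
	}
}
```

The hook runs after the client has already copied the original headers onto the redirected request, which is why deleting them inside CheckRedirect is effective; the same hook is also where a redirect to a non-https scheme or to an unexpected host can be refused outright.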
#5 CVE-2025-49113 (Roundcube Webmail). Severity: critical 9.9. Hype score: 29. Published: Jun 2, 2025.
CVE-2025-49113 is a remote code execution vulnerability in Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11. The `_from` parameter handled by `program/actions/settings/upload.php` is not validated, which allows PHP object deserialization and lets an authenticated user execute arbitrary code on the Roundcube server. Authentication is the only barrier, so any webmail account obtained by phishing or credential stuffing is enough to reach the bug. Fixed in Roundcube Webmail 1.5.10 and 1.6.11.
#6 CVE-2025-32756 (Fortinet FortiVoice). Severity: critical 9.8. Exploit known: yes. Hype score: 29. Published: May 13, 2025.
CVE-2025-32756 is a stack-based buffer overflow affecting several Fortinet products: FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera. A remote, unauthenticated attacker can execute arbitrary code or commands by sending specially crafted HTTP requests. Fortinet has observed active exploitation in the wild, specifically against FortiVoice systems. In those intrusions the threat actors scanned the network, deleted system crash logs to hide their activity, and enabled FCGI debugging so that credentials submitted to the device were written to logs; they also deployed malware, installed cron jobs to harvest credentials, and ran scripts for network reconnaissance from the compromised devices. Those behaviours double as triage checks on an exposed appliance: FCGI debugging switched on (Fortinet's advisory points to `diag debug application fcgi`, where `general to-file ENABLED` is not a default setting), crash logs that are missing or unexpectedly empty, and cron entries that nobody recognises.
#7 CVE-2025-37752 (Linux kernel). Hype score: 25. Published: May 1, 2025.
CVE-2025-37752 is an array-out-of-bounds write in the Linux kernel's packet scheduler, in the Stochastic Fairness Queueing (SFQ) queuing discipline (`net/sched/sch_sfq.c`). The SFQ limit is validated directly against the user-supplied value without accounting for how other parameters in the same change request alter it, so configurations that update the limit indirectly can leave it invalid. An invalid limit, combined with the interaction between SFQ and a TBF qdisc, leads to a write of 0x0000 roughly 256 KB beyond the array at a misaligned offset. Changing qdisc configuration requires CAP_NET_ADMIN, which an unprivileged user can obtain over a fresh network namespace on systems that allow unprivileged user namespaces, so the bug matters beyond hosts where root is already available.
#8 CVE-2024-24919 (Check Point). Hype score: 23. Published: May 28, 2024.
CVE-2024-24919 affects Check Point Security Gateways that are connected to the internet with the Remote Access VPN or Mobile Access Software Blades enabled. It is an arbitrary file read via path traversal that lets an attacker retrieve sensitive files from the gateway, potentially with root privileges. The read alone does not execute code; the danger is in what the files contain, such as credential material for local accounts. Gateways whose local accounts rely on password-only authentication rather than certificates are therefore the ones where the leak can be turned into a full compromise. A security fix is available.
#9 CVE-2025-21479 (Qualcomm Adreno). Severity: high 8.6. Exploit known: yes. Hype score: 22. Published: Jun 3, 2025.
CVE-2025-21479 is an incorrect-authorization vulnerability in the Graphics component of Qualcomm's Adreno GPU driver. A specific sequence of commands leads to unauthorized command execution in the GPU microcode and from there to memory corruption. Qualcomm has released patches and recommends that OEMs deploy them to affected devices as soon as possible; there are indications of limited, targeted exploitation. Because the driver ships inside each OEM's firmware image, a device is fixed only once its vendor releases an update containing the patch, which for many Android devices lags the Qualcomm bulletin.
#10 CVE-2024-21762 (Fortinet FortiOS). Severity: critical 9.8. Exploit known: yes. Hype score: 19. Published: Feb 9, 2024.
CVE-2024-21762 is an out-of-bounds write in the SSL VPN component of Fortinet's FortiOS and FortiProxy. An unauthenticated remote attacker can trigger it by sending specially crafted HTTP requests to a device with SSL VPN enabled, giving arbitrary code or command execution. The flaw is in the handling of HTTP requests that use chunked transfer encoding: the chunk-length string is not length-checked before use, so an overlong one overruns the buffer it is placed in. Analysis of the patch shows that it now verifies that the relevant value is less than 0x10 and logs "invalid chunk length string" when the check fails. Devices with SSL VPN disabled are not reachable through this path.
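An added example (not Fortinet's code and not from the page) of the input check that the CVE-2024-21762 patch analysis describes, placed in a small chunked transfer-coding decoder: the chunk-size token is bounded to fewer than 0x10 characters and parsed as hex before any chunk data is consumed, and the decoded body is capped. DecodeChunked, ErrChunkLen and maxChunkLenChars are names chosen here; the sample bodies are constructed.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"strconv"
)

// maxChunkLenChars bounds the chunk-size token. The patch analysis for
// CVE-2024-21762 describes a check that a value be less than 0x10 before the
// "invalid chunk length string" path is taken; 15 hex digits already cover
// any realistic chunk size.
const maxChunkLenChars = 0x10

// ErrChunkLen is returned for a chunk-size line that is empty, too long, or
// not hexadecimal. (Name chosen for this example.)
var ErrChunkLen = errors.New("invalid chunk length string")

// DecodeChunked decodes an HTTP/1.1 chunked transfer-coded body. Chunk
// extensions are ignored and trailers are not processed. maxBody caps the
// decoded size so a peer cannot make the caller allocate without limit.
func DecodeChunked(raw []byte, maxBody int) ([]byte, error) {
	var out []byte
	rest := raw
	for {
		nl := bytes.Index(rest, []byte("\r\n"))
		if nl < 0 {
			return nil, errors.New("truncated chunk-size line")
		}
		line, tail := rest[:nl], rest[nl+2:]
		if i := bytes.IndexByte(line, ';'); i >= 0 {
			line = line[:i] // drop ";ext=value"
		}
		line = bytes.TrimSpace(line)

		// The check at the centre of the fix: bound the token before it is
		// copied or parsed. A fixed 16-byte scratch buffer cannot hold more.
		if len(line) == 0 || len(line) >= maxChunkLenChars {
			return nil, ErrChunkLen
		}
		size, err := strconv.ParseUint(string(line), 16, 64)
		if err != nil {
			return nil, ErrChunkLen
		}
		if size == 0 {
			return out, nil // last-chunk
		}
		if size > uint64(maxBody) || int(size) > maxBody-len(out) {
			return nil, errors.New("decoded body exceeds limit")
		}
		if uint64(len(tail)) < size+2 {
			return nil, errors.New("truncated chunk data")
		}
		if !bytes.Equal(tail[size:size+2], []byte("\r\n")) {
			return nil, errors.New("missing chunk terminator")
		}
		out = append(out, tail[:size]...)
		rest = tail[size+2:]
	}
}

func main() {
	good := []byte("4\r\nWiki\r\n5;ext=1\r\npedia\r\n0\r\n\r\n") // constructed body
	body, err := DecodeChunked(good, 1<<20)
	fmt.Printf("%q %v\n", body, err)
	oversize := []byte("ffffffffffffffffffff\r\n") // 20-character size token
	_, err = DecodeChunked(oversize, 1<<20)
	fmt.Println(errors.Is(err, ErrChunkLen))
}
```

The length bound and the hex parse are applied to the token as a whole before a single byte of chunk data is touched; a token that passes the length check but encodes an absurd size is then stopped by the body cap rather than by an allocation failure.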