API - API Security Blog

CVE-2025-5323 fossasia open-event-server Mail Verification mail.py send_email_change_user_email reliance on obfuscation or encryption of security-relevant inputs without integrity checking

A vulnerability, which was classified as problematic, has been found in fossasia open-event-server 1.19.1. This issue affects the function send_email_change_user_email of the file /fossasia/open-event ...

May 30, 2025

CVE-2025-5054

creation_timestamp| type| source ---|---|--- 2025-05-29 17:47:17+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lqdblrdkqb2g 2025-05-29 17:57:31+00:00| seen|...Read More ...

May 30, 2025

CVE-2024-51392

creation_timestamp| type| source ---|---|--- 2025-05-29 18:01:51+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqdcfmbmj442 2025-05-29 21:2 ...

May 30, 2025

CVE-2025-46823 OpenMRS has Vulnerability in FHIR2 Module Privileges

openmrs-module-fhir2 provides the FHIR REST API and related services for OpenMRS, an open medical records system. In versions of the FHIR2 module prior to 2.5.0, privileges were not always correctly c ...

May 30, 2025

Mattermost improperly allows team administrators to modify team invites

Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly validate permissions when changing team privacy settings, allow ...

May 30, 2025

CVE-2025-46701

creation_timestamp| type| source ---|---|--- 2025-05-29 19:48:02+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114592847077746070 2025-05-29 20:05:22+00:00| seen| https://bsky.app/profile/ ...

May 30, 2025

CVE-2025-48475

creation_timestamp| type| source ---|---|--- 2025-05-29 18:01:41+00:00| seen|...Read More ...

May 30, 2025

CVE-2025-4598

creation_timestamp| type| source ---|---|--- 2025-05-29 17:47:17+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lqdblrdkqb2g 2025-05-29 17:57:31+00:00| seen|...Read More ...

May 30, 2025