CVE-2025-48956 vLLM API endpoints vulnerable to Denial of Service Attacks

vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.10.1.1, a Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request w ...

Continue Reading

August 21, 2025

CVE-2025-47870 Team invite ID leaked to team admin with no member invite privileges

Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fail to sanitize the team invite ID in the POST /api/v4/teams/:teamId/restore e ...

Continue Reading

August 21, 2025

CVE-2025-8064

creation_timestamp| type| source ---|---|--- 2025-08-21 12:23:27+00:00| seen|...Read More ...

Continue Reading

August 21, 2025

CVE-2025-52287

creation_timestamp| type| source ---|---|--- 2025-08-21 13:49:15+00:00| seen|...Read More ...

Continue Reading

August 21, 2025

CVE-2025-54368

creation_timestamp| type| source ---|---|--- 2025-08-21 13:34:09+00:00| seen|...Read More ...

Continue Reading

August 21, 2025

CVE-2025-47184

An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 7.0.1p02 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege ...

Continue Reading

August 21, 2025

CVE-2025-47184

An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 7.0.1p02 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege ...

Continue Reading

August 21, 2025

CVE-2025-7221

creation_timestamp| type| source ---|---|--- 2025-08-21 10:23:22+00:00| seen|...Read More ...

Continue Reading

August 21, 2025

1 216 217 218 219 220 9,321

Back to Main
Subscribe for the latest news: