CVE-2025-7021 OpenAI Operator – API Spoofing through Locking Operator on FullScreen

Fullscreen API Spoofing and UI Redressing in the handling of Fullscreen API and UI rendering in OpenAI Operator SaaS on Web allows a remote attacker to capture sensitive user input (e.g., login creden ...

Continue Reading
CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation

The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::find_event_with_relations method of matrix-sdk 0 ...

Continue Reading
CVE-2025-53549

The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::find_event_with_relations method of matrix-sdk 0 ...

Continue Reading
CVE-2025-34101 Serviio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO Parameter

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component (default port 2 ...

Continue Reading
CVE-2025-34101 Serviio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO Parameter

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component (default port 2 ...

Continue Reading
CVE-2025-49723

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering...Read More ...

Continue Reading
EUVD-2025-21001

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Starting in 5.3.0 and before 7.5.3 and 8.2.2, the Parse Server GraphQL API previously allowed pu ...

Continue Reading
CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation

The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::find_event_with_relations method of matrix-sdk 0 ...

Continue Reading

Back to Main

Subscribe for the latest news: