  • Cybersecurity Vulnerabilities

    CVE-2025-65957: Core Bot Vulnerability Exposes Sensitive API Keys – Now Patched!

    Overview: CVE-2025-65957 identifies a vulnerability in Core Bot, an open-source Discord bot designed for Maple Hospital servers. Prior to commit dffe050, sensitive API keys, including `SUPABASE_API_KEY` and `TOKEN`, could be inadvertently exposed due to improper handling in error messages, summaries, and webhook configurations. This vulnerability has been addressed with the aforementioned commit.
    Technical Details: Core Bot utilizes environment variables to store sensitive API keys. The vulnerability stemmed from the bot’s code failing to properly redact these keys when generating summaries, error messages, or interacting with webhooks. Specifically, under certain error conditions or when creating log entries, the values of the…

  • Cybersecurity Vulnerabilities

    Formwork CMS Plagued by Stored XSS Vulnerability: CVE-2025-65956 Requires Immediate Patching

    Overview: CVE-2025-65956 details a stored Cross-Site Scripting (XSS) vulnerability affecting Formwork, a flat file-based Content Management System (CMS). This vulnerability exists in versions prior to 2.2.0. By injecting unsanitized data into the blog tag field, an attacker can execute arbitrary JavaScript code in the browser of any Formwork CMS user who accesses or edits the compromised blog post. This persistent XSS vulnerability can severely impact privileged administrative workflows.
    Technical Details: The vulnerability stems from the lack of proper input sanitization when processing data entered into the blog tag field within the Formwork CMS. An attacker with the necessary permissions (typically…

  • Cybersecurity Vulnerabilities

    Critical Heap-Use-After-Free Vulnerability Patched in NanoMQ (CVE-2025-65953)

    Overview: A critical Heap-Use-After-Free (UAF) vulnerability, identified as CVE-2025-65953, has been discovered in the NanoMQ MQTT Broker (NanoMQ), an all-around Edge Messaging Platform. This vulnerability affects versions prior to 0.22.5. The root cause lies within the TCP transport component of NanoMQ, specifically interacting with the underlying NanoNNG library.
    Technical Details: The vulnerability is located in src/sp/transport/mqtt/broker_tcp.c of the NanoNNG library. It stems from improper resource management and premature cleanup of message and pipe structures. This occurs under specific conditions involving malformed MQTTV5 retain message traffic. Essentially, when NanoMQ processes certain types of malformed MQTTV5 retain messages, it may prematurely free…

  • Cybersecurity Vulnerabilities

    Critical Path Traversal Vulnerability Patched in Gorilla Tag Modding Console (CVE-2025-65952)

    Overview: A path traversal vulnerability, identified as CVE-2025-65952, has been discovered in the “Console” software, a network tool used to manage Gorilla Tag mods and users. Prior to version 2.8.0, attackers could leverage carefully crafted combinations of backslashes and periods to bypass security measures and write files to unauthorized directories on the system running the console. This vulnerability has been addressed in version 2.8.0 of the Console software.
    Technical Details: The path traversal vulnerability stems from insufficient input validation when handling file paths within the Console application. By exploiting this flaw, a malicious actor could potentially overwrite critical system files,…

  • Cybersecurity Vulnerabilities

    CVE-2025-65942: VictoriaMetrics Vulnerable to Denial-of-Service Attacks

    Overview: This article discusses CVE-2025-65942, a low-severity Denial-of-Service (DoS) vulnerability affecting VictoriaMetrics, a scalable time series database. The vulnerability stems from improper handling of snappy-compressed data, potentially leading to excessive memory usage and service disruption.
    Technical Details: VictoriaMetrics versions 1.0.0 through 1.110.22, 1.111.0 through 1.122.7, and 1.123.0 through 1.129.0 are susceptible to DoS attacks. The snappy decoder in these versions does not properly enforce request size limits. This allows attackers to send malformed snappy blocks, triggering excessive memory allocation. As a result, the VictoriaMetrics instance can experience Out-of-Memory (OOM) errors and become unstable or unavailable. The fix implemented in versions…

  • Cybersecurity Vulnerabilities

    CVE-2025-64713: Out-of-Bounds Access in WebAssembly Micro Runtime (WAMR) – Critical Update Required!

    Overview: CVE-2025-64713 describes an out-of-bounds array access vulnerability found in the WebAssembly Micro Runtime (WAMR), specifically affecting versions prior to 2.4.4. This flaw resides within WAMR’s fast interpreter mode during WASM bytecode loading. Exploitation of this vulnerability could potentially lead to denial-of-service (DoS) or, in more severe scenarios, arbitrary code execution.
    Technical Details: The vulnerability arises when handling GET_GLOBAL(I32) opcodes in conjunction with the if opcode within the WASM bytecode. Specifically, the frame_ref_bottom and frame_offset_bottom arrays are involved in managing stack frames. When frame_ref_bottom and frame_offset_bottom arrays are at capacity and a GET_GLOBAL(I32) opcode is encountered, frame_ref_bottom is expanded. However,…

  • Cybersecurity Vulnerabilities

    CVE-2025-64704: Critical Segmentation Fault in WAMR’s v128.store Instruction

    Overview: CVE-2025-64704 is a medium severity vulnerability affecting WebAssembly Micro Runtime (WAMR), a lightweight standalone WebAssembly (Wasm) runtime. Specifically, versions prior to 2.4.4 are susceptible to a segmentation fault triggered by the v128.store instruction. This vulnerability could lead to denial-of-service (DoS) or potentially more severe consequences depending on the context in which WAMR is used.
    Technical Details: The vulnerability lies in the handling of the v128.store instruction within WAMR. This instruction is used to store a 128-bit vector value in memory. Due to an error in the implementation prior to version 2.4.4, processing a crafted v128.store instruction can cause WAMR…

  • Cybersecurity Vulnerabilities

    URGENT: Critical Vulnerability Exposes AI Feeds WordPress Plugin to Remote Code Execution (CVE-2025-13597)

    Overview: A critical security vulnerability, identified as CVE-2025-13597, has been discovered in the AI Feeds plugin for WordPress. This vulnerability allows unauthenticated attackers to upload arbitrary files, potentially leading to remote code execution (RCE). All versions of the AI Feeds plugin up to and including version 1.0.11 are affected. This post provides a detailed analysis of the vulnerability, its potential impact, and steps to mitigate the risk.
    Technical Details: The vulnerability lies in the actualizador_git.php file of the AI Feeds plugin. Specifically, the file lacks proper capability checks, allowing unauthenticated users to trigger the functionality designed for plugin updates from…

  • Cybersecurity Vulnerabilities

    Urgent Security Alert: Critical Vulnerability in CIBELES AI WordPress Plugin (CVE-2025-13595)

    Overview: A critical vulnerability, identified as CVE-2025-13595, has been discovered in the CIBELES AI WordPress plugin. This vulnerability allows unauthenticated attackers to upload arbitrary files, potentially leading to remote code execution. All versions of the plugin up to and including 1.10.8 are affected. It is imperative to update to the latest version or remove the plugin immediately.
    Technical Details: The vulnerability stems from a missing capability check in the actualizador_git.php file within the CIBELES AI plugin. Specifically, the file fails to verify user permissions before allowing the download of arbitrary GitHub repositories and overwriting existing plugin files. This weakness enables…

  • Cybersecurity Vulnerabilities

    Ruckus Unleashed Under Attack: Analyzing CVE-2025-63735 Reflected XSS

    Overview: CVE-2025-63735 describes a reflected Cross-Site Scripting (XSS) vulnerability found in Ruckus Unleashed version 200.13.6.1.319. This vulnerability allows an attacker to inject arbitrary JavaScript code into a user’s browser by crafting a malicious URL targeting the `selfguestpass/guestAccessSubmit.jsp` endpoint. Specifically, the `name` parameter is vulnerable.
    Technical Details: The vulnerability exists because the Ruckus Unleashed software fails to properly sanitize user-supplied input provided via the `name` parameter in the `selfguestpass/guestAccessSubmit.jsp` endpoint. An attacker can exploit this by crafting a URL containing malicious JavaScript code within the `name` parameter. When a user clicks on this manipulated URL, the injected JavaScript code is executed…