Overview CVE-2025-8076 is a high-severity vulnerability affecting the Baseboard Management Controller (BMC) web function in certain Supermicro motherboards, specifically the MBD-X13SEDW-F. This vulnerability allows a remote attacker, after successfully authenticating to the BMC web server, to execute arbitrary code due to a stack buffer overflow. This poses a significant risk to the integrity and availability of affected systems. Technical Details The vulnerability resides in the handling of specific requests to the BMC web interface. By crafting a malicious payload and sending it to a vulnerable endpoint after successful authentication, an attacker can overwrite parts of the stack memory. This allows…

Overview A stored Cross-Site Scripting (XSS) vulnerability has been identified in the VK All in One Expansion Unit plugin for WordPress. This vulnerability, assigned CVE-2025-11267, affects all versions up to and including 9.112.1. Successful exploitation allows authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages. These scripts execute whenever a user accesses the compromised page, potentially leading to account compromise, data theft, or defacement. Technical Details The vulnerability stems from insufficient input sanitization and output escaping of the user-supplied Custom CSS value within the plugin’s settings. Specifically, the _veu_custom_css parameter is vulnerable. The vulnerable code…

Overview A stored Cross-Site Scripting (XSS) vulnerability has been identified in the VK All in One Expansion Unit plugin for WordPress. This vulnerability, tracked as CVE-2025-11265, affects versions up to and including 9.112.1. Successful exploitation of this vulnerability allows authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages. These scripts execute when a user accesses the compromised page. Technical Details The vulnerability lies within the plugin’s call-to-action (CTA) functionality. Specifically, the ‘vkExUnit_cta_url’ and ‘vkExUnit_cta_button_text’ parameters are susceptible to XSS injection. The root cause is a logic error in the CTA save function. The code incorrectly…

Overview CVE-2025-10089 describes a high-severity vulnerability affecting several versions of Mitsubishi Electric’s MILCO.S lighting control system applications. This vulnerability allows a local attacker to execute malicious code by tricking the installer into loading a malicious DLL. Crucially, the risk is present only during the installer execution phase and is mitigated if the software is downloaded directly from the official Mitsubishi Electric website. If the digital signature of “MILCO.S Lighting Control.exe” displays “Mitsubishi Electric Lighting,” the application is a fixed version and not susceptible to the vulnerability. Technical Details The vulnerability stems from a potential DLL injection during the installation process.…

Overview CVE-2025-7623 describes a stack-based buffer overflow vulnerability found in the SMASH-CLP (Systems Management Architecture for Server Hardware Command Line Protocol) shell of Supermicro Baseboard Management Controllers (BMCs). Successful exploitation of this vulnerability allows an authenticated attacker with SSH access to the BMC to achieve arbitrary code execution on the BMC’s firmware operating system. Technical Details The vulnerability lies within the SMASH-CLP shell implementation. A specially crafted SMASH command, exceeding 260 bytes, can overflow a stack buffer. This overflow allows an attacker to overwrite the return address and registers on the stack. By carefully crafting the overflow, the attacker can…

Overview CVE-2025-12524 is a medium severity vulnerability affecting the Post Type Switcher plugin for WordPress. This vulnerability, an Insecure Direct Object Reference (IDOR), allows authenticated attackers with Author-level access or higher to modify the post type of arbitrary posts and pages, including those created by administrators. This can lead to significant site disruption and SEO impact. Technical Details The vulnerability resides in versions up to and including 4.0.0 of the Post Type Switcher plugin. It stems from missing validation on a user-controlled key, specifically the `post_id` parameter used when switching post types. Attackers can exploit this by manipulating the `post_id`…

Overview CVE-2025-48593 is a critical security vulnerability identified in the Bluetooth component of certain systems. This vulnerability, a use-after-free flaw, allows for remote code execution (RCE) without requiring any user interaction. This makes it a highly dangerous vulnerability that requires immediate attention and patching. Technical Details The vulnerability resides in the bta_hf_client_cb_init function within the bta_hf_client_main.cc file. A use-after-free condition occurs due to improper memory management, where a pointer to a freed memory region is dereferenced. This allows an attacker to potentially overwrite memory and inject malicious code. Specifically, the vulnerability exists because of how the Bluetooth Hands-Free Profile (HFP)…

Overview CVE-2025-64734 describes a “Missing Release of Resource after Effective Lifetime” vulnerability (CWE-772) affecting the Gallagher T21 Reader. This vulnerability allows an attacker with physical access to the reader to trigger a denial-of-service (DoS) condition, preventing legitimate cardholders from using the reader for entry. The impact is limited to the specific reader being attacked. Technical Details The vulnerability stems from the T21 Reader failing to properly release resources after their intended lifespan. An attacker with physical access can exploit this by repeatedly triggering a specific function on the reader, leading to resource exhaustion. Eventually, the reader becomes unresponsive and unable…

Overview CVE-2025-52578 describes an “Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE-335)” vulnerability found in the High Sec ELM Command Centre Server. This medium-severity vulnerability could allow a sophisticated attacker with physical access to the device to compromise internal device communications. This issue impacts the following versions of Command Centre Server: 9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)) 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)) 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)) All versions of 9.00 and prior Technical Details The vulnerability stems from the insecure generation of pseudo-random numbers within the High Sec ELM Command…

Overview CVE-2025-52457 is a medium-severity vulnerability affecting HBUS devices used with Gallagher Command Centre. This vulnerability, classified as an Observable Timing Discrepancy (CWE-208), could allow an attacker with physical access to the device to extract sensitive, device-specific keys. Successful exploitation could compromise the security of the entire site protected by the system. Technical Details The vulnerability lies in the timing differences observed during the processing of specific operations on HBUS devices. An attacker with physical access can measure these timing variations to deduce information about the internal keys used by the device. The vulnerability stems from inconsistent execution times based…