• Cybersecurity Vulnerabilities

    Monkeytype XSS Vulnerability: CVE-2025-66563 Allows Arbitrary Code Execution

    Overview: CVE-2025-66563 describes a cross-site scripting (XSS) vulnerability found in Monkeytype, a popular minimalistic and customizable typing test application. Specifically, versions 25.49.0 and earlier are affected. The vulnerability stems from improper handling of user-supplied input within quote submissions. An attacker can leverage this flaw to inject and execute malicious JavaScript code on the browsers of other users viewing the crafted quote. Technical Details: The core of the vulnerability lies in how Monkeytype handles the quote.text and quote.source fields when users submit quotes. These fields, which are meant to contain the text of the quote and its source, respectively, are directly…

  • Cybersecurity Vulnerabilities

    CVE-2025-66561: High Severity XSS Vulnerability in SysReptor Puts Pentest Reports at Risk

    Overview: CVE-2025-66561 details a critical security vulnerability affecting SysReptor, a popular pentest reporting platform. Specifically, it is a Stored Cross-Site Scripting (XSS) vulnerability that could allow authenticated users to inject malicious JavaScript into the system, potentially impacting other users’ accounts and data. This vulnerability has been assigned a CVSS score of 7.3, indicating a high level of severity. This advisory highlights the importance of keeping your SysReptor instance up-to-date to protect against this type of attack. Technical Details: The Stored XSS vulnerability (CVE-2025-66561) exists within SysReptor versions prior to 2025.102. An authenticated user with the necessary permissions to upload files…

  • Cybersecurity Vulnerabilities

    CVE-2025-66559: Critical Chain Corruption Bug Found in Taiko Alethia Rollup

    Overview: CVE-2025-66559 identifies a critical vulnerability in Taiko Alethia, an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum. This vulnerability, present in versions 2.3.1 and earlier, could lead to chain corruption due to an issue in how batches were verified. While no CVSS score is available, the potential impact on the integrity of the rollup is significant. Technical Details: The vulnerability resides within the TaikoInbox._verifyBatches function (specifically packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678) of the Taiko Alethia codebase. The function incorrectly advanced the local transition ID (tid) based on the current blockHash *before* confirming the actual verification of a batch. Here’s a breakdown of the…

  • Cybersecurity Vulnerabilities

    CVE-2025-14051: Critical Vulnerability Exposes youlai-mall to Remote Exploitation

    Overview: CVE-2025-14051 describes a medium severity vulnerability found in youlaitech’s youlai-mall versions 1.0.0 and 2.0.0. This flaw allows remote attackers to manipulate dynamically-identified variables through specific functions, potentially leading to unauthorized actions and system compromise. The vendor has been notified but has not provided a response or patch. Technical Details: The vulnerability resides in the getById, updateAddress, and deleteAddress functions of the /mall-ums/app-api/v1/addresses/ endpoint. An attacker can exploit this flaw by manipulating input parameters passed to these functions. Due to improper handling of dynamically-identified variables, malicious actors can potentially gain control over aspects of the application’s behavior, leading to various…

  • Cybersecurity Vulnerabilities

    Critical SQL Injection Vulnerability Threatens Advantech iView (CVE-2025-13373)

    Overview: CVE-2025-13373 describes a high-severity SQL injection vulnerability affecting Advantech iView versions 5.7.05.7057 and prior. This vulnerability stems from improper sanitization of SNMP v1 trap requests received on Port 162. An attacker could potentially exploit this flaw to inject malicious SQL commands, potentially leading to data breaches, system compromise, or denial of service. Technical Details: The vulnerability resides in the way Advantech iView processes SNMP v1 trap requests. Specifically, the software fails to adequately sanitize data received within these requests before incorporating it into SQL queries. This lack of input validation allows an attacker to craft a malicious SNMP trap…

  • Cybersecurity Vulnerabilities

    CVE-2025-6946: Critical Stored XSS Found in WatchGuard Fireware OS IPS Module

    Overview: CVE-2025-6946 details a stored Cross-Site Scripting (XSS) vulnerability affecting WatchGuard Fireware OS. This vulnerability resides within the Intrusion Prevention System (IPS) module. A successful exploit could allow an authenticated administrator to inject malicious scripts that execute within the context of other administrator sessions. This vulnerability necessitates an authenticated administrator session to a locally managed Firebox. Technical Details: The vulnerability stems from improper neutralization of input during web page generation within the IPS module’s configuration interface. An attacker with administrator privileges can inject arbitrary JavaScript code into a field that is later displayed to other administrators. This injected script can…

  • Cybersecurity Vulnerabilities

    Critical Vulnerability in LaraDashboard: CVE-2025-66509 Allows Remote Code Execution

    Overview: CVE-2025-66509 details a critical security vulnerability affecting LaraDashboard, an all-in-one solution designed for starting Laravel applications. Versions 2.3.0 and earlier are susceptible to a remote code execution (RCE) vulnerability. This vulnerability stems from the application’s reliance on the Host header during the password reset process and the ability to trigger code execution during module installation. Technical Details: The vulnerability arises from two primary issues. Host Header Trust in Password Reset: LaraDashboard versions 2.3.0 and earlier incorrectly trust the HTTP Host header during the password reset process. This allows an attacker to manipulate the Host header to redirect the password…

  • Cybersecurity Vulnerabilities

    CVE-2025-66506: High Severity DoS Vulnerability in Fulcio Certificate Authority

    Overview: CVE-2025-66506 is a high-severity denial-of-service (DoS) vulnerability affecting Fulcio, a free-to-use certificate authority for issuing code signing certificates based on OpenID Connect (OIDC) identities. This vulnerability, present in versions prior to 1.8.3, stems from inefficient string processing within the identity.extractIssuerURL function. By exploiting this flaw, a malicious actor can craft requests with specially designed OIDC identity tokens to trigger excessive memory allocation, leading to a denial of service. Technical Details: The vulnerability lies in the identity.extractIssuerURL function within Fulcio. This function is responsible for extracting the issuer URL from an OIDC identity token. Prior to version 1.8.3, the function…

  • Cybersecurity Vulnerabilities

    CVE-2025-66238: Critical Network Redirection Vulnerability Found in DCIM dcTrack

    Overview: CVE-2025-66238 is a high-severity vulnerability affecting DCIM dcTrack. This flaw allows an authenticated user with access to the appliance’s virtual console to misuse certain remote access features, leading to potential network traffic redirection. This redirection could grant unauthorized access to restricted services or data on the host machine. Technical Details: The vulnerability stems from improper input validation and authorization controls related to the dcTrack’s remote access capabilities. An authenticated attacker, possessing legitimate but limited access, can manipulate the configuration of network routing through the virtual console. By exploiting this vulnerability, the attacker can redirect network traffic destined for specific…

  • Cybersecurity Vulnerabilities

    Kalmia CMS 0.2.0: Unveiling CVE-2025-65900 – Sensitive User Data Exposure

    Overview: CVE-2025-65900 identifies a critical security vulnerability affecting Kalmia CMS version 0.2.0. This vulnerability, classified as an Incorrect Access Control issue, resides within the /kal-api/auth/users API endpoint. It allows authenticated users with even basic read permissions to access and retrieve sensitive information belonging to all users on the platform. This unauthorized access is due to a lack of proper permission validation and excessive data exposure within the backend API. Technical Details: The vulnerability stems from insufficient access control checks when querying the /kal-api/auth/users endpoint. A standard authenticated user, who should only have access to their own user data, can bypass…