• Cybersecurity Vulnerabilities

    CVE-2025-63848: Critical Stored XSS Vulnerability in SWISH Prolog Web IDE

    Overview CVE-2025-63848 describes a stored cross-site scripting (XSS) vulnerability found in SWISH Prolog versions up to and including 2.2.0. This vulnerability allows an attacker to inject malicious JavaScript code into the Web IDE notebooks, which can then be executed in the browsers of other users who access the affected notebook. This could lead to account compromise, data theft, or other malicious activities. Technical Details The vulnerability resides in the way SWISH Prolog handles user-supplied input within the web IDE notebook functionality. Specifically, unsanitized input is stored and later rendered without proper encoding. An attacker can craft a malicious notebook containing…

  • Cybersecurity Vulnerabilities

    CVE-2025-62724: Critical File Access Vulnerability in Open OnDemand – Update Now!

Overview CVE-2025-62724 identifies a Time of Check to Time of Use (TOCTOU) vulnerability in Open OnDemand (OOD), an open-source HPC portal. The flaw lets a malicious user bypass the file access restrictions defined by OOD_ALLOWLIST when downloading files as a zip archive, gaining access to files the allowlist was meant to exclude. Versions prior to 4.0.8 and 3.1.16 are affected; the issue concerns sites that use the file browser allowlists, on all supported OOD release lines. While UNIX permissions still provide a layer of protection, immediate patching is highly recommended. Technical Details The TOCTOU vulnerability arises during the process of creating and downloading zip files through…
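The excerpt stops short of the mechanism, so the following is an added illustration of the TOCTOU pattern it names, not Open OnDemand's code: a check-then-open download path that validates the resolved path and later re-opens it by name, beside a hardened version that opens each path component relative to the allowlisted root with O_NOFOLLOW, so the descriptor it reads from is the one it validated. The directory layout, file names and the attacker's swap callback are constructed for the example.

```python
import io
import os
import tempfile
import zipfile


def naive_zip_file(root, name, between_check_and_use=None):
    """Check-then-use pattern: validate the resolved path, then re-open it by name.

    The gap between the check and the open is the TOCTOU window. The optional
    callback stands in for an attacker acting inside that window.
    """
    path = os.path.join(root, name)
    if not os.path.realpath(path).startswith(os.path.realpath(root) + os.sep):
        raise PermissionError(f"{name!r} resolves outside the allowlisted root")
    if between_check_and_use:
        between_check_and_use()          # attacker swaps the file for a symlink
    with open(path, "rb") as fh:         # open() follows the symlink
        data = fh.read()
    return _zip_single(name, data)


def open_under_root(root, name):
    """Open `name` relative to `root` one component at a time, with O_NOFOLLOW on
    every component, so no symlink is followed and '..' can never escape the root.
    Returns an open file descriptor; the caller closes it."""
    parts = name.split("/")
    if any(p in ("", ".", "..") for p in parts):
        raise PermissionError(f"rejecting path {name!r}")
    fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for i, part in enumerate(parts):
            flags = os.O_RDONLY | os.O_NOFOLLOW
            if i < len(parts) - 1:
                flags |= os.O_DIRECTORY
            nfd = os.open(part, flags, dir_fd=fd)   # ELOOP if `part` is a symlink
            os.close(fd)
            fd = nfd
    except BaseException:
        os.close(fd)
        raise
    return fd


def hardened_zip_file(root, name, between_check_and_use=None):
    """The check is the open: the descriptor we read from is the one we validated."""
    if between_check_and_use:
        between_check_and_use()
    fd = open_under_root(root, name)
    with os.fdopen(fd, "rb") as fh:
        data = fh.read()
    return _zip_single(name, data)


def _zip_single(name, data):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, data)
    return buf.getvalue()


def demo():
    """Constructed scenario: an allowlisted root holding one public file, a secret
    outside it, and an attacker who replaces the public file with a symlink to the
    secret between the check and the use.

    Returns (naive_leaked_secret, hardened_succeeded)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "allowed")
        os.mkdir(root)
        public = os.path.join(root, "report.txt")
        secret = os.path.join(tmp, "secret.txt")
        with open(secret, "w") as f:
            f.write("SECRET\n")

        def reset():
            if os.path.lexists(public):
                os.remove(public)
            with open(public, "w") as f:
                f.write("public\n")

        def swap():                       # the attacker's move inside the window
            os.remove(public)
            os.symlink(secret, public)

        reset()
        archive = naive_zip_file(root, "report.txt", swap)
        leaked = zipfile.ZipFile(io.BytesIO(archive)).read("report.txt") == b"SECRET\n"

        reset()
        try:
            hardened_zip_file(root, "report.txt", swap)
            hardened_ok = True
        except OSError:                   # O_NOFOLLOW refuses the symlink (ELOOP)
            hardened_ok = False
        return leaked, hardened_ok
```

The realpath check in the naive version is not wrong in itself; the problem is that nothing ties the checked path to the file actually read. Opening relative to a root descriptor with O_NOFOLLOW removes the window rather than narrowing it, and UNIX permissions on the target file remain the last line of defence if the check is bypassed, as the advisory notes.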

  • Cybersecurity Vulnerabilities

    CVE-2025-62709: Critical Password Reset Vulnerability in ClipBucket v5

Overview CVE-2025-62709 describes a medium-severity vulnerability in ClipBucket v5, an open-source video sharing platform; versions up to and including 5.5.2 are affected. The flaw lets an attacker craft malicious password reset links by manipulating the HTTP Host header. A user who is tricked into following such a link and entering their activation code gives the attacker what is needed to compromise the account. Technical Details The vulnerability lies in how ClipBucket constructs the server URL when the base_url configuration option is not explicitly set: the application falls back to the incoming HTTP Host header. Since the Host header is client-controlled, an attacker can inject an…
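As an added illustration (not ClipBucket's code) of the Host header fallback described above: the vulnerable URL builder trusts whatever Host the client sends, while the hardened one uses a configured base URL and, only when none is set, accepts a Host that matches an allowlist. The hostname set, the reset path and the token value are assumptions made for the example.

```python
from urllib.parse import urlsplit

# Assumed deployment hostnames; a real application reads these from configuration.
ALLOWED_HOSTS = {"videos.example.com"}


def base_url_vulnerable(headers):
    """Derives the site URL from the client-controlled Host header (the bug class)."""
    return "https://" + headers["Host"]


def base_url_hardened(headers, configured_base_url=None, allowed_hosts=ALLOWED_HOSTS):
    """Prefer a configured base URL; otherwise accept only an allowlisted Host.

    urlsplit handles the port and IPv6 bracket forms of the Host value for us."""
    if configured_base_url:
        return configured_base_url.rstrip("/")
    host = headers.get("Host", "")
    hostname = urlsplit("//" + host).hostname or ""
    if hostname not in allowed_hosts:
        raise ValueError(f"untrusted Host header: {host!r}")
    return "https://" + host


def build_reset_link(base_url, token):
    return f"{base_url}/reset_password?token={token}"


def demo():
    """Constructed request from an attacker who sets Host to their own domain.

    Returns (host in the poisoned link, whether the hardened builder refused it,
    host in the link built from a configured base_url)."""
    spoofed = {"Host": "attacker.example"}
    token = "f0e1d2c3"   # constructed; a real application issues a random, single-use token
    poisoned = build_reset_link(base_url_vulnerable(spoofed), token)
    try:
        build_reset_link(base_url_hardened(spoofed), token)
        blocked = False
    except ValueError:
        blocked = True
    configured = build_reset_link(
        base_url_hardened(spoofed, configured_base_url="https://videos.example.com/"), token)
    return urlsplit(poisoned).hostname, blocked, urlsplit(configured).hostname
```

Setting base_url explicitly is the fix the excerpt points at; the allowlist is the safety net for deployments that leave it unset. Reverse proxies that rewrite Host need the same treatment for X-Forwarded-Host, which is equally client-controlled unless the proxy strips it.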

  • Cybersecurity Vulnerabilities

    CVE-2025-52410: Critical Time-Based Blind SQL Injection Flaw in Institute-of-Current-Students v1.0

Overview CVE-2025-52410 describes a critical security vulnerability affecting Institute-of-Current-Students version 1.0, a PHP project. The vulnerability is a time-based blind SQL injection in the mydetailsstudent.php endpoint. Specifically, the myds GET parameter is not properly sanitized before being used in SQL queries, allowing attackers to extract sensitive data from the database. Technical Details The vulnerability stems from insufficient input validation on the myds GET parameter in mydetailsstudent.php. An attacker can inject SQL into this parameter. Since it is a *time-based blind* SQL injection, the attacker receives no direct feedback from query execution. Instead, the attacker can…
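The following added example (not the project's code) shows why "blind" does not mean "harmless": a query that concatenates the myds parameter beside its parameterised counterpart, and a probe that infers one character of another table's contents purely from response time. The schema, the SLEEP() stand-in registered on SQLite in place of MySQL's function, and the candidate characters are all constructed for the example.

```python
import sqlite3
import time


def make_db():
    """Constructed in-memory schema standing in for the project's MySQL database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE students(id INTEGER PRIMARY KEY, name TEXT, roll TEXT);
        INSERT INTO students VALUES (1, 'Asha', 'CS101'), (2, 'Ravi', 'CS102');
        CREATE TABLE admins(username TEXT, password TEXT);
        INSERT INTO admins VALUES ('admin', 'hunter2');
    """)
    # SQLite has no SLEEP(); register one so the MySQL-style delay payload works here.
    conn.create_function("SLEEP", 1, lambda s: time.sleep(s) or 0)
    return conn


def my_details_vulnerable(conn, myds):
    """String concatenation of the GET parameter: the injection sink."""
    sql = f"SELECT name, roll FROM students WHERE id = '{myds}'"
    return conn.execute(sql).fetchall()


def my_details_safe(conn, myds):
    """Parameterised query: the whole parameter is bound as a single literal."""
    return conn.execute("SELECT name, roll FROM students WHERE id = ?", (myds,)).fetchall()


def _elapsed(fn):
    start = time.perf_counter()
    fn()
    return time.perf_counter() - start


def leak_first_char(conn, query_fn, candidates="abh", delay=0.25):
    """Time-based inference: the returned rows are identical for every guess
    (both CASE branches evaluate to 0), only the response time differs.
    Returns the first candidate whose probe stalls, or None if none does."""
    for c in candidates:
        payload = (f"1' AND (SELECT CASE WHEN substr(password,1,1)='{c}' "
                   f"THEN SLEEP({delay}) ELSE 0 END FROM admins) -- ")
        if _elapsed(lambda: query_fn(conn, payload)) > delay / 2:
            return c
    return None
```

Against the concatenating query the probe recovers the first character of the admin password without a single byte of the data appearing in a response; against the parameterised query the same payload is just an id value that matches nothing, and every probe returns immediately. The fix is binding parameters, not filtering the word SLEEP.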

  • Cybersecurity Vulnerabilities

    CVE-2025-13437: zx CLI Vulnerability Allows Arbitrary Directory Deletion

    Overview CVE-2025-13437 describes a critical vulnerability in the zx CLI tool that allows for arbitrary directory deletion. This vulnerability arises when the --prefer-local=<path> flag is used. A logic error in the cleanup routine can lead to the deletion of an external <path>/node_modules directory, even if it is located outside the current working directory. Technical Details The vulnerability resides in the src/cli.ts file of the zx project. Specifically, the issue lies within the linkNodeModules and cleanup functions. When zx is invoked with --prefer-local=<path>, the CLI attempts to create a symbolic link named ./node_modules pointing to <path>/node_modules. Due to the bug, the…
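The excerpt truncates the actual defect, so the following is an added example of the bug class rather than zx's code: a cleanup that resolves the ./node_modules symlink and deletes what it points to, beside one that removes only the link entry it created. The directory layout is constructed for the example.

```python
import os
import shutil
import tempfile


def cleanup_unsafe(link_path, expected_target=None):
    """Illustrative bug class: resolve the symlink and delete the directory behind it.
    (Not zx's code; the page truncates the actual defect.)"""
    shutil.rmtree(os.path.realpath(link_path))


def cleanup_safe(link_path, expected_target):
    """Remove only the link we created, never the directory it points to."""
    if not os.path.islink(link_path):
        raise RuntimeError(f"{link_path} is not a symlink; refusing to delete")
    if os.path.realpath(link_path) != os.path.realpath(expected_target):
        raise RuntimeError(f"{link_path} does not point at {expected_target}")
    os.unlink(link_path)       # unlink() removes the link entry, not its target


def demo(cleanup):
    """Constructed layout: <path>/node_modules outside the project, linked from
    ./node_modules inside it. Returns (target_still_exists, link_still_exists)."""
    with tempfile.TemporaryDirectory() as tmp:
        target = os.path.join(tmp, "external", "node_modules")
        os.makedirs(os.path.join(target, "left-pad"))
        project = os.path.join(tmp, "project")
        os.mkdir(project)
        link = os.path.join(project, "node_modules")
        os.symlink(target, link)
        cleanup(link, target)
        return os.path.isdir(target), os.path.lexists(link)
```

The two checks in cleanup_safe are the ones worth carrying into any teardown routine that touches a path it did not create: confirm the entry is still a symlink (a user may have replaced it with a real directory), and confirm it still points where you left it, then remove the entry with unlink rather than a recursive delete on a resolved path.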

  • Cybersecurity Vulnerabilities

    CVE-2025-12121: Critical Command Execution Vulnerability in Lite XL

    Overview CVE-2025-12121 identifies a critical vulnerability affecting Lite XL, a lightweight code editor. Versions 2.1.8 and prior are susceptible to arbitrary command execution due to improper sanitization within the system.exec function. This flaw allows an attacker who can influence input to this function to execute arbitrary commands on the system with the privileges of the Lite XL process. Technical Details The vulnerability lies within the system.exec function and its usage across several core functionalities within Lite XL. Specifically: Project Directory Launching (core.lua): The process of opening a project directory may leverage system.exec, making it a potential attack vector. Drag-and-Drop File…
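As an added example of the injection the excerpt describes (not Lite XL's code, which is Lua): a launcher that builds a shell command string from a directory name, beside the argv form that needs no shell and the quoted form for when a shell is unavoidable. The printf command stands in for whatever system.exec actually launches, and the hostile directory name is constructed.

```python
import shlex
import subprocess


def launch_vulnerable(path):
    """Builds a shell command string from an untrusted path; metacharacters are parsed."""
    cmd = f"printf '%s\\n' {path}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def launch_safe(path):
    """Passes the path as one argv element; no shell ever sees it."""
    return subprocess.run(["printf", "%s\n", path], capture_output=True, text=True).stdout


def launch_quoted(path):
    """When a shell really is required, quote every untrusted argument."""
    cmd = f"printf '%s\\n' {shlex.quote(path)}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


# Constructed hostile project directory name: a ';' ends the intended command.
EVIL_PATH = "/tmp/project; echo INJECTED"
```

With the vulnerable launcher the second command runs and its output appears on its own line; with either hardened form the whole string is printed back as a single, inert argument. Drag-and-drop file names and project directory names are exactly the kind of input an attacker can choose, which is why the excerpt lists those paths as vectors.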

  • Cybersecurity Vulnerabilities

    CVE-2025-12120: Critical Vulnerability in Lite XL Exposes Users to Arbitrary Code Execution

    Overview CVE-2025-12120 identifies a critical vulnerability in Lite XL versions 2.1.8 and prior. This vulnerability stems from the application’s automatic execution of the .lite_project.lua file when a project directory is opened, without user confirmation. Since this file can contain executable Lua code, a malicious actor could craft a project containing a malicious .lite_project.lua file. When a user opens this project in Lite XL, the malicious Lua code would be executed, potentially granting the attacker arbitrary code execution privileges within the context of the Lite XL process. Technical Details Lite XL uses the .lite_project.lua file to store project-specific configurations. The intended…

  • Cybersecurity Vulnerabilities

    OpenSMTPD Under Siege: Analyzing CVE-2025-62875 Local DoS

Overview CVE-2025-62875 describes an Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability in OpenSMTPD. It allows a local user to crash the OpenSMTPD service, causing a denial of service (DoS). The affected package is OpenSMTPD in openSUSE Tumbleweed before version 7.8.0p0-1.1. Technical Details The vulnerability arises from a flaw in how OpenSMTPD handles specific unusual or exceptional conditions during its operation. By exploiting this weakness, a local attacker can trigger a condition that causes the OpenSMTPD process to terminate unexpectedly, effectively crashing the service. The precise method of exploitation isn't specified in detail, but the nature of…

  • Cybersecurity Vulnerabilities

    SOPlanning Under Attack: Stored XSS Vulnerability in Public Holidays (CVE-2025-62731)

Overview A stored cross-site scripting (XSS) vulnerability has been identified in SOPlanning, a scheduling application. Tracked as CVE-2025-62731, it affects the /feries endpoint, which backs the public holidays feature. An attacker with sufficient privileges can inject arbitrary HTML and JavaScript, which is stored and then executed in the browsers of other users, including administrators, when they view pages that display the affected data. The vulnerability has been fixed in SOPlanning version 1.55. Technical Details The vulnerability lies in the insufficient sanitization of user-supplied input within the public holidays feature. Specifically, when adding…

  • Cybersecurity Vulnerabilities

    SOPlanning Vulnerability Alert: CVE-2025-62730 Allows Privilege Escalation!

Overview A critical vulnerability, identified as CVE-2025-62730, has been discovered in SOPlanning. It allows users holding the user_manage_team role to escalate their privileges to administrative access, so a malicious holder of that role can take complete control of the SOPlanning instance. Technical Details CVE-2025-62730 stems from insufficient access control within the user management tab of SOPlanning. Users assigned the user_manage_team role are permitted to modify the permissions of other users, but nothing stops them from editing their own account as well, so they can grant themselves administrative rights. This…
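The missing control is easy to state and easy to forget. As an added example (not SOPlanning's code, whose real role model is not on the page), here is a role-change check that stops at "may the actor manage users?" beside one that also asks "whose roles, and which roles?": a manager may not edit their own account and may not grant anything at or above their own level. The role names other than the two the excerpt mentions, and their ordering, are assumptions for the example.

```python
ADMIN = "admin"
MANAGE_TEAM = "user_manage_team"

# Assumed role ordering for this example; unknown roles are treated as the highest.
RANK = {"viewer": 0, "editor": 1, MANAGE_TEAM: 2, ADMIN: 3}


def _rank(role):
    return RANK.get(role, max(RANK.values()) + 1)


def set_roles_vulnerable(actor, actor_roles, target, new_roles):
    """Checks only that the actor may manage users, not whose roles or which roles."""
    if ADMIN in actor_roles or MANAGE_TEAM in actor_roles:
        return set(new_roles)
    raise PermissionError("not allowed to manage users")


def set_roles_safe(actor, actor_roles, target, new_roles):
    """Managers may change other users, and only to roles strictly below their own."""
    actor_roles, new_roles = set(actor_roles), set(new_roles)
    if ADMIN in actor_roles:
        return new_roles
    if MANAGE_TEAM not in actor_roles:
        raise PermissionError("not allowed to manage users")
    if actor == target:
        raise PermissionError("may not change your own roles")
    ceiling = max(_rank(r) for r in actor_roles)
    too_high = sorted(r for r in new_roles if _rank(r) >= ceiling)
    if too_high:
        raise PermissionError(f"may not grant {too_high}: at or above your own level")
    return new_roles


def try_set(fn, *args):
    """Returns the resulting role set, or the refusal message if the change is denied."""
    try:
        return fn(*args)
    except PermissionError as e:
        return str(e)
```

The self-edit rule on its own is not enough: without the ceiling, a manager could still promote a second account to admin and log in as that. Both checks are server-side; hiding the checkbox in the user management tab is not a control.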