Overview CVE-2025-66577 is a medium severity vulnerability found in cpp-httplib, a C++11 single-file header-only cross-platform HTTP/HTTPS library. This vulnerability allows attackers to manipulate server-side logs by injecting malicious values into the X-Forwarded-For and X-Real-IP headers. Specifically, the get_client_ip() function in docker/main.cc unconditionally accepts these headers, leading to log poisoning and potential audit evasion. Technical Details The vulnerability arises because the get_client_ip() function within the cpp-httplib library does not properly validate or sanitize the X-Forwarded-For and X-Real-IP HTTP headers. An attacker can craft HTTP requests that include arbitrary values in these headers. These values are then directly used by the…
Overview CVE-2025-66570 identifies a critical vulnerability in cpp-httplib, a C++11 single-file header-only cross-platform HTTP/HTTPS library. This vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. It has been assigned a CVSS score of 10, indicating its severity. Technical Details The vulnerability arises from how cpp-httplib handles incoming HTTP headers. An attacker can inject headers with names such as REMOTE_ADDR, REMOTE_PORT, LOCAL_ADDR, and LOCAL_PORT. These headers are parsed and stored in the request header multimap through the read_headers() function in httplib.h. The server then appends its own internal metadata using the same header names during the Server::process_request…
Overview CVE-2025-46603 is a high-severity vulnerability affecting Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior. This vulnerability stems from an improper restriction of excessive authentication attempts, potentially allowing an unauthenticated attacker with remote access to gain unauthorized access to the system. Technical Details The vulnerability resides in the authentication mechanism of the Dell CloudBoost Virtual Appliance. Specifically, the system fails to adequately limit the number of authentication attempts. This allows an attacker to potentially launch a brute-force attack or other credential stuffing techniques to bypass authentication and gain unauthorized access. The lack of account lockout or rate limiting on failed…
Overview CVE-2025-66566 is a vulnerability affecting the Java-based decompressor implementations within the yawkat LZ4 Java library (lz4-java) version 1.10.0 and earlier. This flaw stems from insufficient clearing of the output buffer, potentially allowing remote attackers to read previous buffer contents through crafted compressed input. In scenarios where the output buffer is reused without being properly cleared, this could result in the disclosure of sensitive data. This vulnerability has been addressed in version 1.10.1. Technical Details The vulnerability lies in the Java implementation of the LZ4 decompressor within the lz4-java library. Due to inadequate clearing of the output buffer after a…
Overview A critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-66562, has been discovered in TUUI, a desktop MCP client designed for unitary utility integration. This vulnerability affects versions prior to 1.3.4. By exploiting an unsafe Cross-Site Scripting (XSS) flaw within the Markdown rendering component, attackers can execute arbitrary system commands on a victim’s machine. Updating to version 1.3.4 is crucial to address this security issue. Technical Details The vulnerability stems from an XSS flaw in how TUUI renders Markdown, specifically within ECharts code blocks. TUUI allows the execution of arbitrary JavaScript within these blocks. Furthermore, TUUI exposes an IPC…
Overview CVE-2025-66558 describes a vulnerability found in Nextcloud Twofactor WebAuthn, the WebAuthn Two-Factor Provider for Nextcloud. This flaw, present in versions prior to 1.4.2 and 2.4.1, allows a potential attacker to take over a user’s registered WebAuthn 2FA device by correctly guessing a sufficiently long random string (80-128 characters). While the attacker cannot directly authenticate as the victim, they can force the victim to re-register their WebAuthn device, potentially opening the door to other attack vectors down the line. The vulnerability is addressed in versions 1.4.2 and 2.4.1. Technical Details The vulnerability stems from a missing ownership check during the…
This article provides a detailed analysis of CVE-2025-66557, a medium-severity vulnerability affecting Nextcloud Deck. We’ll explore the technical details, potential impact, and necessary steps to mitigate this risk. Overview CVE-2025-66557 affects Nextcloud Deck, a popular kanban-style organization tool integrated within Nextcloud. The vulnerability allows users with “Can share” permissions on a Deck board to modify the permissions of other users sharing the same board. This effectively allows a user to elevate their privileges or downgrade the privileges of others, potentially leading to unauthorized access and data manipulation. Technical Details The vulnerability stems from a flaw in the permission logic within…
Overview CVE-2025-66556 describes a low-severity vulnerability affecting Nextcloud Talk, a video and audio conferencing application for Nextcloud. This issue allows a participant with chat permissions to delete poll drafts created by other participants within the conversation, exploiting their numeric ID. The vulnerability has been patched in versions 20.1.8 and 21.1.2 of Nextcloud Talk. Technical Details The vulnerability stems from insufficient access control when handling poll draft deletion requests within Nextcloud Talk. A user with basic chat privileges could manipulate the request to delete a poll draft by specifying the numeric ID of another participant’s draft. The system incorrectly authorized the…
Overview CVE-2025-66554 is a low-severity vulnerability affecting the Contacts app for Nextcloud. This app facilitates syncing contacts from various devices to your Nextcloud instance and allows for editing. The vulnerability allows a malicious user to inject arbitrary CSS by manipulating the organization and title fields within their contact profile. This issue has been addressed in versions 5.5.4, 6.0.6, and 7.2.5 of the Nextcloud Contacts app. Technical Details The vulnerability stems from insufficient sanitization of user-provided input in the “organisation” and “title” fields. While JavaScript and other potentially more dangerous code were blocked by Nextcloud’s Content Security Policy (CSP), a malicious…
Overview CVE-2025-66553 is a medium-severity vulnerability affecting the Nextcloud Tables application. This vulnerability allows authenticated users to potentially view metadata of columns in other tables within the application by manipulating the numeric ID in a request. This exposure could lead to information disclosure and potentially aid in further exploitation. The vulnerability has been patched in versions 0.8.7 and 0.9.4 of the Tables application. Technical Details The vulnerability stems from insufficient access control checks within the Nextcloud Tables application. Specifically, the application fails to properly validate the user’s authorization when retrieving column metadata. By modifying the numeric ID associated with a…