Overview
A high-severity security vulnerability, identified as CVE-2025-65027, has been discovered in RomM (ROM Manager). RomM is a software application designed to scan, enrich, browse, and play game collections through a clean and responsive interface. This vulnerability stems from unrestricted file upload capabilities, allowing authenticated users to upload malicious SVG or HTML files. When these files are accessed, the browser executes embedded JavaScript, resulting in stored Cross-Site Scripting (XSS). This XSS, combined with a Cross-Site Request Forgery (CSRF) misconfiguration, can be exploited to achieve full administrative account takeover, leading to the creation of rogue admin accounts, escalation of attacker privileges,…
-
Overview
CVE-2025-61727 is a certificate-validation vulnerability: a flaw in how excluded subdomain constraints are enforced when wildcard Subject Alternative Names (SANs) are present in leaf certificates. Specifically, the vulnerability allows a leaf certificate with a wildcard SAN to bypass an excluded subdomain constraint intended to limit its scope. Published on 2025-12-03T20:16:25.607, this issue highlights the importance of rigorous certificate validation and the potential risks associated with misconfigured or improperly enforced certificate constraints.
Technical Details
The core of the vulnerability lies in the interpretation of certificate chain validation logic. When a certificate authority (CA) sets up constraints, it might…
-
Overview
CVE-2025-50361 describes a buffer overflow vulnerability found in the SmallBASIC community’s SmallBASIC with SDL. This vulnerability affects versions prior to v12_28 and specifically targets commit sha: 298a1d495355959db36451e90a0ac74bcc5593fe. The flaw resides within the main.cpp file and, if exploited, could lead to information leakage and application crashes. Given the potential impact, it’s crucial for users of affected versions to understand the vulnerability and apply the necessary mitigations.
Technical Details
The buffer overflow vulnerability in SmallBASIC (CVE-2025-50361) stems from improper handling of input data within the main.cpp file. Specifically, the code lacks sufficient boundary checks when processing input, allowing an attacker to…
-
Overview
This article provides a detailed analysis of CVE-2025-13086, a security vulnerability affecting OpenVPN versions 2.6.0 through 2.7_rc1. This vulnerability stems from improper validation of source IP addresses during session establishment, potentially allowing an attacker to hijack existing sessions and cause a denial of service (DoS) for legitimate clients.
Technical Details
The core issue lies in the inadequate verification of the source IP address of incoming packets after the initial connection handshake. An attacker, by spoofing the IP address of a connected client, can inject packets into the existing OpenVPN session. This allows them to effectively take over the session…
-
Overview
CVE-2025-12385 identifies a vulnerability within the Text component of the Qt Quick framework. This vulnerability stems from the lack of proper validation for the width and height attributes of the <img> tag. An attacker can exploit this by injecting excessively large values into these attributes, causing the application to allocate an unreasonable amount of resources, potentially leading to unresponsiveness or a denial-of-service (DoS) condition. This vulnerability affects Qt versions 5.0.0 through 6.5.10, 6.6.0 through 6.8.5, and 6.9.0 through 6.10.0 across multiple platforms including Windows, macOS, Linux, iOS, and Android, as well as architectures like x86, ARM, 64-bit, and 32-bit.…
-
Overview
CVE-2025-66222 is a critical security vulnerability affecting DeepChat, a smart assistant powered by artificial intelligence. Specifically, versions 0.5.0 and earlier are susceptible to a Stored Cross-Site Scripting (XSS) vulnerability within the Mermaid diagram rendering functionality. This flaw allows a malicious actor to inject and execute arbitrary JavaScript code within the context of the DeepChat application. More alarmingly, this XSS vulnerability can be escalated to Remote Code Execution (RCE) by exploiting the exposed Electron IPC bridge.
Technical Details
The vulnerability resides in how DeepChat handles Mermaid diagrams. An attacker can craft a malicious Mermaid diagram containing JavaScript code. When a…
-
Overview
CVE-2025-66220 describes a medium severity vulnerability affecting Envoy, a high-performance edge/middle/service proxy. This vulnerability resides in the mTLS certificate matching logic when using match_typed_subject_alt_names. Specifically, certificates containing an embedded null byte (\0) within an OTHERNAME Subject Alternative Name (SAN) value can be incorrectly treated as valid matches, potentially leading to an mTLS bypass. This affects Envoy versions 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier.
Technical Details
The vulnerability stems from how Envoy parses and validates the OTHERNAME SAN values in client certificates during mTLS authentication. The match_typed_subject_alt_names feature allows Envoy to match specific SAN values against a configured list. However,…
-
Overview
A critical vulnerability, identified as CVE-2025-66208, has been discovered in Collabora Online’s Built-in CODE Server (richdocumentscode). This vulnerability, affecting versions prior to 25.04.702, allows for Configuration-Dependent Remote Code Execution (RCE) via OS Command Injection within the richdocumentscode proxy. Specifically, users leveraging the Nextcloud Collabora Online – Built-in CODE Server app are susceptible to attack through the `proxy.php` file and an intermediate reverse proxy.
Technical Details
The vulnerability stems from insufficient sanitization of input passed to the `proxy.php` script within the Collabora Online Built-in CODE Server. An attacker can exploit this weakness by crafting malicious requests that, when processed by…
-
Overview
CVE-2025-63402 describes a medium severity vulnerability affecting HCL Technologies Limited’s HCLTech DRAGON product. Specifically, versions prior to 7.6.0 are susceptible to remote code execution (RCE). This vulnerability stems from a lack of input validation on API endpoints, allowing attackers to potentially overwhelm the system and execute arbitrary code.
Technical Details
The vulnerability lies in the improper handling of requests made to DRAGON’s APIs. The affected APIs enforce no limit on either the number of requests made within a specific timeframe or the size of individual requests. An attacker could exploit this by sending a large volume of excessively…
-
Overview
CVE-2025-63401 is a Cross-Site Scripting (XSS) vulnerability identified in HCL Technologies Limited’s HCLTech DRAGON software, affecting versions prior to 7.6.0. This vulnerability allows a remote attacker to execute arbitrary code within the context of a user’s browser session. The root cause lies in missing directives that fail to properly sanitize user-supplied input, opening a door for malicious script injection.
Technical Details
The vulnerability stems from insufficient input validation within the HCLTech DRAGON application. Specifically, certain user-supplied data is not properly sanitized or encoded before being rendered in a web page. An attacker can exploit this by injecting malicious JavaScript…