Overview: A critical security vulnerability, identified as CVE-2025-65892, has been discovered in krpano versions prior to 1.23.2. This vulnerability is a Reflected Cross-Site Scripting (rXSS) flaw that could allow a remote, unauthenticated attacker to execute arbitrary JavaScript code in the browser of an unsuspecting user. This is achieved through a specially crafted URL targeting the `passQueryParameters` function when the `xml` parameter is enabled. Users of krpano are strongly advised to update to version 1.23.2 or later immediately.
Technical Details: The vulnerability lies within the `passQueryParameters` function of krpano. When the `xml` parameter is enabled, the function doesn’t properly sanitize user-supplied…
-
Overview: A critical security vulnerability, identified as CVE-2025-65540, has been discovered in xmall version 1.1. This vulnerability involves multiple Cross-Site Scripting (XSS) flaws stemming from the application’s failure to properly sanitize or encode user-supplied data before rendering it in HTML. This oversight allows attackers to inject and execute malicious scripts within the context of vulnerable pages.
Technical Details: The XSS vulnerabilities are present in user input fields such as username and description. These fields accept user-provided data, which is then directly included in HTML output without adequate sanitization. An attacker can exploit this by injecting malicious JavaScript code into these…
-
Overview: CVE-2025-66223 identifies a critical broken access control vulnerability within OpenObserve, a cloud-native observability platform. Specifically, organization invitation tokens did not expire and remained valid even after a user was removed or demoted, allowing them to potentially regain access or escalate their privileges. This issue affects versions prior to 0.16.0. This article details the vulnerability, its potential impact, and the necessary steps for mitigation.
Technical Details: The vulnerability stems from the way OpenObserve handles organization invitations. Before version 0.16.0, when an administrator invited a user to join an organization, the generated invitation token would persist indefinitely. Furthermore, multiple invitations with…
-
Overview: CVE-2025-66221 describes a security vulnerability in Werkzeug, a comprehensive WSGI web application library. Specifically, the safe_join function, when used in conjunction with send_from_directory on Windows operating systems, can lead to a denial-of-service (DoS) condition. This occurs because safe_join incorrectly handles path segments containing Windows device names (e.g., CON, AUX). This vulnerability is patched in Werkzeug version 3.1.4.
Technical Details: On Windows systems, certain device names like “CON,” “AUX,” “PRN,” “NUL,” “COM1,” “COM2,” etc. are reserved and implicitly exist in every directory. When Werkzeug’s safe_join function processes a path ending with such a device name, it fails to properly sanitize…
-
Overview: CVE-2025-66217 identifies a critical vulnerability in AIS-catcher, a multi-platform AIS receiver, specifically affecting versions prior to 0.64. This flaw resides within the MQTT parsing logic and stems from an integer underflow. By exploiting this vulnerability, a malicious actor can trigger a substantial Heap Buffer Overflow through a carefully crafted MQTT packet containing a manipulated Topic Length field. This leads to an immediate Denial of Service (DoS) condition and, when AIS-catcher is employed as a library, severe memory corruption which could potentially be exploited for Remote Code Execution (RCE).
Technical Details: The vulnerability is rooted in the way AIS-catcher handles…
-
Overview: A critical heap buffer overflow vulnerability has been identified in AIS-catcher, a multi-platform AIS receiver. This vulnerability, tracked as CVE-2025-66216, affects versions prior to 0.64. The issue resides within the AIS::Message class and allows a malicious actor to potentially overwrite sensitive memory, leading to unpredictable behavior or even remote code execution. Users of AIS-catcher are strongly advised to update to version 0.64 immediately.
Technical Details: CVE-2025-66216 is a heap buffer overflow vulnerability located in the AIS::Message class of AIS-catcher. Specifically, the vulnerability allows an attacker to write approximately 1KB of arbitrary data into a buffer that is only 128…
-
Overview: CVE-2025-61915 is a medium severity vulnerability affecting OpenPrinting CUPS (Common Unix Printing System), a widely used open-source printing system for Linux and other Unix-like operating systems. This vulnerability allows a user in the lpadmin group to inject malicious configuration lines via the CUPS web UI, leading to an out-of-bounds write during the parsing of the configuration by the cupsd process, which runs as root. Successful exploitation can lead to privilege escalation, allowing an attacker to execute arbitrary code with root privileges.
Technical Details: The vulnerability stems from insufficient input validation within the CUPS web UI and the subsequent parsing…
-
Overview: CVE-2025-58436 is a medium severity denial-of-service (DoS) vulnerability affecting OpenPrinting CUPS (Common UNIX Printing System) versions prior to 2.4.15. This vulnerability allows a malicious client sending slow messages to the CUPS daemon (cupsd) to exhaust resources and render the printing service unusable for other clients. Organizations relying on CUPS for their printing infrastructure should take immediate action to mitigate this risk.
Published: 2025-11-29T03:15:59.323
Technical Details: The vulnerability stems from the way cupsd handles client connections. A client initiating a connection and sending data at a very slow rate (e.g., one byte per second) can tie up a cupsd worker…
-
Published: 2025-11-29T03:15:59.153
Overview: CVE-2025-53939 is a medium-severity vulnerability affecting Kiteworks, a private data network (PDN) solution. Specifically, versions prior to 9.1.0 are susceptible to improper input validation when managing roles within shared folders. This flaw can lead to the unintended elevation of another user’s permissions on the affected share.
Technical Details: The vulnerability resides in the role management functionality of shared folders within Kiteworks. Due to insufficient input validation, a malicious actor could manipulate the role assignment process. This manipulation could grant a user higher privileges than intended, potentially allowing them to access, modify, or delete data that they should…
-
Overview: CVE-2025-53900 identifies a medium-severity vulnerability in Kiteworks Managed File Transfer (MFT) versions prior to 9.1.0. This flaw arises from an improper definition of roles and permissions related to managing Connections within the Kiteworks MFT platform. Exploitation of this vulnerability could lead to an unexpected escalation of privileges for authorized users, allowing them to perform actions beyond their intended scope.
Technical Details: The vulnerability stems from insufficient access control checks when managing Connections in Kiteworks MFT. Specifically, the system fails to adequately validate user roles and permissions before granting access to modify or delete Connections. This allows a user with…