Security Vulnerabilities
LinkAce is a self-hosted archive to collect website links. In versions 2.3.0 and below, the htmlKeywordsFromUrl function in the FetchController class accepts user-provided URLs and makes HTTP requests to them without validating that the destination is not an internal or private network resource. This Server-Side Request Forgery (SSRF) vulnerability allows authenticated attackers to use the application server to perform port scanning and service discovery on internal networks. Practical impact is very limited because the function only extracts content from HTML meta keywords tags, which prevents meaningful data exfiltration from databases, APIs, or cloud metadata endpoints. This issue is fixed in version 2.4.0.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-04
LinkAce is a self-hosted archive to collect website links. Versions 2.3.1 and below allow any authenticated user to export the entire database of links from all users in the system, including private links that should only be accessible to their owners. The HTML and CSV export functions in the ExportController class retrieve all links without applying any ownership or visibility filtering, effectively bypassing all access controls implemented elsewhere in the application. This issue is fixed in version 2.4.0.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-04
A maliciously crafted project file may cause a heap-based buffer
overflow in
Fuji Electric Monitouch V-SFT-6, which may allow the attacker to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-11-04
Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer
overflow while processing a specially crafted project file, which may
allow an attacker to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-11-04
An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-04
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, when a user edits their profile to change their e-mail address, the system saves it without validating that it actually belongs to the user. This could result in storing an invalid email address, preventing the user from receiving system notifications. Notifications sent to another person's email address could lead to information disclosure. This issue is fixed in version 2.27.2.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-04
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Due to incorrect use of loose (==) instead of strict (===) comparison in the authentication code in versions 2.27.1 and below.PHP type juggling will cause certain MD5 hashes matching scientific notation to be interpreted as numbers. Instances using the MD5 login method allow an attacker who knows the victim's username and has access to an account with a password hash that evaluates to zero to log in without knowing the victim's actual password, by using any other password with a hash that also evaluates to zero This issue is fixed in version 2.27.2.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-11-04
Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user to edit a group name and insert an XSS payload. This issue is fixed in version 1.2.0.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-04
Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette's Document Type is vulnerable to Cross-site Scripting. This issue is fixed in version 1.2.0.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-04
An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-04