Security Vulnerabilities
Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in full superuser access, even if the user initially registered through the UI as a regular (non-admin) account. A patched version has not been made public at this time.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-25
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, there is a H2 JDBC RCE bypass in DataEase. If the JDBC URL meets criteria, the getJdbcUrl method is returned, which acts as the getter for the JdbcUrl parameter provided. This bypasses H2's filtering logic and returns the H2 JDBC URL, allowing the "driver":"org.h2.Driver" to specify the H2 driver for the JDBC connection. The vulnerability has been fixed in version 2.10.12.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-08-25
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, because DB2 parameters are not filtered, a JNDI injection attack can be directly launched. JNDI triggers an AspectJWeaver deserialization attack, writing to various files. This vulnerability requires commons-collections 4.x and aspectjweaver-1.9.22.jar. The vulnerability has been fixed in version 2.10.12.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-08-25
PerfreeBlog v4.0.11 has a directory traversal vulnerability in the getThemeFilesByName function.
CVSS Score
7.5
EPSS Score
0.007
Published
2025-08-25
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-25
Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component
CVSS Score
9.8
EPSS Score
0.005
Published
2025-08-25
A security flaw has been discovered in lostvip-com ruoyi-go up to 2.1. Impacted is the function DownloadTmp/DownloadUpload of the file modules/system/controller/CommonController.go. Performing manipulation of the argument fileName results in path traversal. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-08-25
FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. This allows attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-25
Cross Site Scripting vulnerability in docmost v.0.21.0 and before allows an attacker to execute arbitrary code
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-25
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function.
CVSS Score
7.2
EPSS Score
0.003
Published
2025-08-25