Security Vulnerabilities
Apache Geode is vulnerable to CSRF attacks through GET requests to the Management and Monitoring REST API that could allow an attacker who has tricked a user into giving up their Geode session credentials to submit malicious commands on the target system on behalf of the authenticated user.
This issue affects Apache Geode: versions 1.10 through 1.15.1
Users are recommended to upgrade to version 1.15.2, which fixes the issue.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-10-18
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does not verify user account creation, allowing a remote unauthenticated attacker to create a user account.
CVSS Score
5.8
EPSS Score
0.0
Published
2025-10-17
ThingsBoard versions < 4.2.1 contain a stored cross-site scripting (XSS) vulnerability in the dashboard's Image Upload Gallery feature. An attacker can upload an SVG file containing malicious JavaScript, which may be executed when the file is rendered in the UI. This issue results from insufficient sanitization and improper content-type validation of uploaded SVG files.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-10-17
ThingsBoard versions < 4.2.1 contain a server-side request forgery (SSRF) vulnerability in the dashboard's Image Upload Gallery feature. An attacker can upload a malicious SVG file that references a remote URL. If the server processes the SVG file in a way that parses external references, it may initiate unintended outbound requests. This can be used to access internal services or resources.
CVSS Score
9.1
EPSS Score
0.0
Published
2025-10-17
An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-17
A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-17
A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-17
Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-17
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE values are directly concatenated into the JDBC URL without filtering illegal parameters. This allows an attacker to inject a malicious JDBC string into the HOSTNAME field to bypass previously patched vulnerabilities CVE-2025-57773 and CVE-2025-58045. The vulnerability is fixed in version 2.10.14. No known workarounds exist.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-17
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC driver bypass vulnerability exists in the H2 database connection handler. The getJdbc function in H2.java checks if the jdbcUrl starts with jdbc:h2 but returns a separate jdbc field as the actual connection URL. An attacker can provide a jdbcUrl that starts with jdbc:h2 while supplying a different jdbc field with an arbitrary JDBC driver and connection string. This allows an authenticated attacker to trigger arbitrary JDBC connections with malicious drivers, potentially leading to remote code execution. The vulnerability is fixed in version 2.10.14. No known workarounds exist.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-17