CVE-2025-49006 |
Description: Wasp (Web Application Specification) is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp's OAuth authentication lowercases the provider's user ID before storing and fetching it. This violates the OAuth and OpenID Connect specifications, which treat the subject identifier as an opaque, case-sensitive string (OpenID Connect Core defines `sub` as case-sensitive), and can result in user impersonation, account collisions, and privilege escalation: two distinct provider IDs that differ only in case resolve to the same Wasp account. In practice, of the OAuth providers that Wasp auth supports, only Keycloak is affected. Keycloak uses a lowercase UUID by default, but it can be configured to issue case-sensitive user IDs, which makes it affected. Google, GitHub, and Discord use numeric IDs and are not affected. Users should update to Wasp `0.16.6`, which fixes the problematic behavior. Keycloak users can work around the issue by not using a case-sensitive user ID in their realm configuration.
CVSS: HIGH (8.2) EPSS Score: 0.21%
June 9th, 2025 (about 1 month ago)
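The collision described above, as an added illustration that is not Wasp's own code: an in-memory account store whose lookup key is either the provider ID as issued (fixed behavior) or its lowercased form (vulnerable behavior). The store, the `find_or_create` helper and the two constructed Keycloak subjects are assumptions made for this example.

```python
"""Added example (not Wasp's code): why case-folding an OAuth/OIDC subject
identifier before storing or looking it up lets two distinct identities
collide.  Everything here (store, helper names, sample IDs) is constructed."""

from dataclasses import dataclass, field


@dataclass
class User:
    provider: str
    provider_user_id: str   # the provider's `sub` (OIDC) / user ID (OAuth)
    email: str


@dataclass
class AuthStore:
    # Accounts keyed by (provider, provider_user_id), like a unique index.
    users: dict = field(default_factory=dict)

    def find_or_create(self, provider: str, provider_user_id: str,
                       email: str, *, fold_case: bool) -> User:
        # fold_case=True reproduces the vulnerable pattern: the ID is
        # lowercased before the lookup, so "AbC123" and "abc123" become one key.
        # fold_case=False is the fixed behavior: compare the ID byte-for-byte,
        # as the OIDC spec requires for `sub`.
        key_id = provider_user_id.lower() if fold_case else provider_user_id
        key = (provider, key_id)
        user = self.users.get(key)
        if user is None:
            user = User(provider, key_id, email)
            self.users[key] = user
        return user


def demo(fold_case: bool) -> tuple:
    """Two Keycloak subjects that differ only in case log in, in order.

    Returns (number_of_distinct_accounts, email_on_the_account_the_second
    login was resolved to).  With case folding the second login lands on the
    first user's account, i.e. impersonation; without it they stay separate.
    """
    store = AuthStore()
    store.find_or_create("keycloak", "AbC123", "alice@example.test",
                         fold_case=fold_case)
    second = store.find_or_create("keycloak", "abc123", "mallory@example.test",
                                  fold_case=fold_case)
    return len(store.users), second.email


if __name__ == "__main__":
    print("vulnerable:", demo(fold_case=True))
    print("fixed:     ", demo(fold_case=False))
```

The same defect would not surface with Google, GitHub or Discord IDs because they contain no letters; the store behaves identically with and without folding for purely numeric keys.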
|
CVE-2025-48877 |
Description: Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, Codepen is present in the default `allowed_iframes` site setting, and it can potentially auto-run arbitrary JS in the iframe scope, which is unintended. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. As a workaround, the Codepen prefix can be removed from a site's `allowed_iframes`.
CVSS: HIGH (8.1) EPSS Score: 0.06%
June 9th, 2025 (about 1 month ago)
|
CVE-2025-48062 |
Description: Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, certain invites sent via email may result in HTML injection in the email body if the topic title includes HTML. This affects inviting someone without an account to a PM and inviting someone without an account to a topic with a custom message. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. As a workaround, the relevant email templates can be overridden so that they do not include `{topic_title}`.
CVSS: HIGH (7.1) EPSS Score: 0.04%
June 9th, 2025 (about 1 month ago)
|
CVE-2025-48053 |
Description: Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, sending a malicious URL in a PM to a bot user can reduce the availability of a Discourse instance. This issue is patched in version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch. No known workarounds are available.
CVSS: HIGH (8.7) EPSS Score: 0.06%
June 9th, 2025 (about 1 month ago)
|
CVE-2025-40670 |
Description: Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser.
CVSS: HIGH (7.1) EPSS Score: 0.04%
June 9th, 2025 (about 1 month ago)
|
CVE-2025-40669 |
Description: Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by any of the application's users, including the attacker's own account, by sending a POST request to /PC/Options.aspx?Command=2&Page=-1.
CVSS: HIGH (7.1) EPSS Score: 0.03%
June 9th, 2025 (about 1 month ago)
|
CVE-2025-40668 |
Description: Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker with a low privilege level to change the password of other users through a POST request to /PC/WebService.aspx/validateChangePassword%C3%B1a using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat. To exploit the vulnerability the PasswordActual parameter must be left empty, i.e. the endpoint does not verify the current password when that field is blank.
CVSS: HIGH (7.1) EPSS Score: 0.04%
June 9th, 2025 (about 1 month ago)
|
CVE-2024-42367 |
Description: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants (`.gz` or `.br` extension) are vulnerable to path traversal outside the root directory if those variants are symbolic links. The server protects static routes from path traversal outside the root directory when `follow_symlinks=False` (default). It does this by resolving the requested URL to an absolute path and then checking that path relative to the root. However, these checks are not performed when looking for compressed variants in the `FileResponse` class, and symbolic links are then automatically followed when performing the `Path.stat()` and `Path.open()` to send the file. Version 3.10.2 contains a patch for the issue.
CVSS: MEDIUM (4.8) EPSS Score: 0.24% SSVC Exploitation: none
June 9th, 2025 (about 1 month ago)
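The root-confinement check described above, as an added example that is not aiohttp's own code: the requested path is resolved and checked against the static root, and the same check is either skipped for the `.gz`/`.br` variant (the pattern described for the 3.10 branch before 3.10.2) or applied to it as well. The sandbox directory layout, the `pick_file` helper and its `check_variants` switch are assumptions made for this illustration; aiohttp's real implementation lives in its `FileResponse` class and is not reproduced here.

```python
"""Added example (not aiohttp's code): why a traversal check on the
requested path is not enough when a compressed variant is looked up
afterwards and symlinks are followed while stat()'ing/opening it.
The sandbox built by build_sandbox() is constructed for the example."""

import os
import tempfile
from pathlib import Path


def _within(root: Path, candidate: Path) -> bool:
    """True if `candidate`, with every symlink resolved, stays under `root`."""
    try:
        candidate.resolve().relative_to(root.resolve())
        return True
    except ValueError:
        return False


def pick_file(root: Path, url_path: str, accept_encoding: str,
              *, check_variants: bool):
    """Return (path, content_encoding) for a static request, or None if refused.

    check_variants=False mirrors the vulnerable pattern: the root check runs
    on the requested path only; the compressed variant is then tested with
    exists() (which follows symlinks, like Path.stat()) and served as is.
    check_variants=True applies the same root check to the variant.
    """
    requested = root / url_path.lstrip("/")
    if not _within(root, requested):
        return None
    for ext, enc in ((".br", "br"), (".gz", "gzip")):
        if enc not in accept_encoding:
            continue
        variant = requested.with_name(requested.name + ext)
        if not variant.exists():
            continue
        if check_variants and not _within(root, variant):
            continue        # symlink escapes the root: do not serve it
        return variant, enc
    return requested, None


def build_sandbox() -> Path:
    """Constructed layout:  <tmp>/static/index.html      (inside the root)
                            <tmp>/secret.txt             (outside the root)
                            <tmp>/static/index.html.gz -> ../secret.txt"""
    base = Path(tempfile.mkdtemp())
    root = base / "static"
    root.mkdir()
    (root / "index.html").write_text("public")
    secret = base / "secret.txt"
    secret.write_text("TOP SECRET")
    os.symlink(secret, root / "index.html.gz")
    return root


def served_text(check_variants: bool) -> str:
    """What a client asking for /index.html with `Accept-Encoding: gzip, br`
    actually receives from the sandbox."""
    root = build_sandbox()
    path, _encoding = pick_file(root, "/index.html", "gzip, br",
                                check_variants=check_variants)
    return path.read_text()


if __name__ == "__main__":
    print("variant unchecked:", served_text(check_variants=False))
    print("variant checked:  ", served_text(check_variants=True))
```

With the variant unchecked the server hands out the file the symlink points to, even though `/index.html` itself passed the root check; with the check applied, the escaping variant is ignored and the plain file is served instead.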
|
Description: EUC Zealand was established in 1999 through a merger between the technical schools in Køge, Haslev and Næstved and has since been expanded with two centers for labor market education. Today, EUC Zealand has branches in Næstved, Køge, Haslev and Greve.
June 9th, 2025 (about 1 month ago)
|
CVE-2025-49619 |
Description: Skyvern through 0.2.0 has a Jinja runtime leak in sdk/workflow/models/block.py.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-49619
https://github.com/Skyvern-AI/skyvern/commit/db856cd8433a204c8b45979c70a4da1e119d949d
https://cristibtz.github.io/posts/CVE-2025-49619
https://github.com/advisories/GHSA-h92g-3xc3-ww2r
CVSS: HIGH (8.5) EPSS Score: 31.37%
June 9th, 2025 (about 1 month ago)
|