Latest CVE Feed
-
5.3
MEDIUMCVE-2025-12585
The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values tha... Read more
Affected Products :- Published: Dec. 03, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Information Disclosure
-
6.4
MEDIUMCVE-2025-13401
The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attribute... Read more
Affected Products : autoptimize- Published: Dec. 03, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2025-40228
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx alloc failure Patch series "mm/damon/sysfs: fix commit test damon_ctx [de]allocation". DAMON sysfs interface dynamically allocates and uses a damo... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-40242
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlm_put_lock In gdlm_put_lock(), there is a small window of time in which the DFL_UNMOUNT flag has been set but the lockspace hasn't been released, yet. In ... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Race Condition