Latest CVE Feed
-
7.5
HIGHCVE-2025-61910
The NASA’s Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A BPv7 bundle with a malformed extension block causes uncontrolled memory allocation inside ION-DTN 4.1.3s, leading to receiver thread term... Read more
Affected Products :- Published: Oct. 07, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Denial of Service
-
4.7
MEDIUMCVE-2025-61776
Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to `api.nuget.org` vi... Read more
Affected Products : dependency-track- Published: Oct. 07, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Supply Chain
-
7.1
HIGHCVE-2025-6242
A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate rest... Read more
Affected Products : vllm- Published: Oct. 07, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Server-Side Request Forgery
-
6.5
MEDIUMCVE-2025-11491
A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the att... Read more
Affected Products :- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Injection