Skip to main content
CVE-2025-46653 LOW POC PATCH Monitor

Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-46656 LOW POC PATCH Monitor

python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. Rated low severity (CVSS 2.9), this vulnerability is no authentication required. Public exploit code available.

Python Information Disclosure Markdownify
NVD GitHub
CVSS 3.1
2.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy