Skip to main content
CVE-2025-48370 LOW PATCH Monitor

auth-js is an isomorphic Javascript library for Supabase Auth. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
CVSS 4.0
2.7
EPSS
0.2%
CVE-2025-2826 LOW Monitor

n affected platforms running Arista EOS, ACL policies may not be enforced. Rated low severity (CVSS 2.6). No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
2.6
EPSS
0.1%
CVE-2025-2236 LOW Monitor

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. Rated low severity (CVSS 2.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-48382 LOW PATCH Monitor

Fess is a deployable Enterprise Search Server. Rated low severity (CVSS 1.2), this vulnerability is no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Fess
NVD GitHub
CVSS 4.0
1.2
EPSS
0.1%
CVE-2025-26211 LOW Monitor

Gibbon before 29.0.00 allows CSRF. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

CSRF Gibbon
NVD GitHub
CVSS 3.1
3.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy