Skip to main content
CVE-2025-48946 LOW PATCH Monitor

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Liboqs
NVD GitHub
CVSS 3.1
3.7
EPSS
0.1%
CVE-2025-1792 LOW PATCH Monitor

Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-48938 LOW PATCH Monitor

go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Go Gh
NVD GitHub
CVSS 4.0
2.6
EPSS
0.4%
CVE-2025-3611 LOW PATCH Monitor

Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-48491 LOW Monitor

Project AI is a platform designed to create AI agents. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 4.0
2.7
EPSS
0.8%
CVE-2025-48068 LOW PATCH Monitor

Next.js is a React framework for building full-stack web applications. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Node.js Next.js Vercel
NVD GitHub
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-47952 LOW PATCH Monitor

Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Traefik
NVD GitHub
CVSS 4.0
2.9
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy