Skip to main content
CVE-2025-66062 LOW Monitor

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.7.28. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Open Redirect
NVD
CVSS 3.1
3.4
EPSS
0.1%
CVE-2025-31216 LOW Monitor

The issue was addressed with improved checks. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2025-12888 LOW Monitor

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the. Rated low severity (CVSS 1.0). No vendor patch available.

Information Disclosure Wolfssl
NVD GitHub
CVSS 4.0
1.0
EPSS
0.0%
CVE-2025-11934 LOW PATCH Monitor

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wolfssl
NVD GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11933 LOW PATCH Monitor

Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wolfssl
NVD GitHub
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-11932 LOW PATCH Monitor

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wolfssl
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-11931 LOW PATCH Monitor

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Wolfssl
NVD GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-65111 LOW PATCH Monitor

SpiceDB is an open source database system for creating and managing security-critical application permissions. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Spicedb
NVD GitHub
CVSS 4.0
2.9
EPSS
0.1%
CVE-2025-54866 LOW POC PATCH Monitor

Wazuh is a free and open source platform used for threat prevention, detection, and response. Rated low severity (CVSS 1.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Wazuh
NVD GitHub
CVSS 4.0
1.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy