Skip to main content
CVE-2025-31186 LOW Monitor

A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 16.3. [CVSS 3.3 LOW]

Apple Authentication Bypass
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-24090 LOW Monitor

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. [CVSS 3.3 LOW]

Apple iOS
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2024-44210 LOW Monitor

This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. [CVSS 3.3 LOW]

Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-14822 LOW PATCH Monitor

Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens [CVSS 3.1 LOW]

Information Disclosure Mattermost Server
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2025-61873 LOW Monitor

Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used. [CVSS 2.6 LOW]

Code Injection
NVD
CVSS 3.1
2.6
EPSS
0.0%
CVE-2024-54556 LOW Monitor

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. [CVSS 2.4 LOW]

Apple iOS
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2026-0858 LOW PATCH Monitor

PlantUML versions before 1.2026.0 fail to properly sanitize interactive attributes in GraphViz diagrams, allowing attackers to inject malicious JavaScript into SVG output through crafted diagram files. Applications that render these SVGs are vulnerable to arbitrary script execution within the user's browser context. A patch is available to address this stored XSS vulnerability.

XSS Plantuml
NVD GitHub
CVSS 4.0
2.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy