Skip to main content
CVE-2025-69873 LOW POC PATCH Monitor

ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. [CVSS 2.9 LOW]

Denial Of Service
NVD GitHub VulDB
CVSS 3.1
2.9
EPSS
0.1%
CVE-2025-14592 LOW Monitor

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to perform unauthorized operations by submitting GraphQL mutations through the GLQL API endpoint. [CVSS 3.7 LOW]

Gitlab
NVD
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-2345 LOW Monitor

Proctorio Chrome Extension is a browser extension used for online proctoring. The extension contains multiple window.addEventListener('message', ...) handlers that do not properly validate the origin of incoming messages. [CVSS 3.6 LOW]

CSRF Chrome
NVD
CVSS 3.1
3.6
EPSS
0.0%
CVE-2026-1282 LOW Monitor

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to inject malicious content into project labels titles. [CVSS 3.5 LOW]

Gitlab
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-14594 LOW Monitor

Gitlab versions up to 18.6.6 is affected by authorization bypass through user-controlled key (CVSS 3.5).

Gitlab
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-20681 LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20646 LOW Monitor

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20601 LOW Monitor

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20656 LOW Monitor

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple Authentication Bypass
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20663 LOW Monitor

The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. [CVSS 3.3 LOW]

Apple Information Disclosure
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20671 LOW Monitor

A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. [CVSS 3.1 LOW]

Apple Command Injection
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-20642 LOW Monitor

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. [CVSS 2.4 LOW]

Apple iOS
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2025-12474 LOW Monitor

A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches.

Information Disclosure Libjxl
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy