Session fixation in Spring Framework's WebFlux reactive stack (versions 5.3.x through 7.0.x) enables a remote attacker to hijack an authenticated user's session by leveraging a compromised subdomain - typically via cross-site scripting - to plant a known session ID and exchange it for the victim's authenticated session post-login. The attack is classified as CWE-384 and requires both a prior subdomain compromise and user interaction, placing real-world exploitability well below the headline concern for most deployments. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Information disclosure in NETGEAR Orbi satellite devices (RBR350, RBR760, RBS350, RBS760, RBE97x) allows a low-privileged user on the same network to obtain administrator access to the Orbi router. The flaw resides specifically in the satellite-to-router communication layer, as NETGEAR explicitly confirms Orbi systems deployed without satellites are unaffected. No public exploit exists (CVSS E:U) and CISA SSVC rates exploitation as none, but the high secondary impact scores (SC:H/SI:H/SA:H) reflect that successful exploitation yields full router compromise.
SAP Fiori Launchpad is vulnerable to malicious URL crafting that triggers arbitrary service calls within the Fiori domain, enabling credential theft from users who interact with the crafted link. Exploitation requires no attacker privileges (PR:N per CVSS) but demands high attack complexity (AC:H) and user interaction (UI:R), meaning adversaries must possess advanced system knowledge and successfully deliver the URL to a victim. No public exploit code has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog, placing this in the medium-priority tier despite the credential-theft potential.
Improper access control in the IOMMU register interface on AMD EPYC server processors allows a high-privileged local attacker to induce non-coherent memory accesses by the AMD Secure Processor (ASP), resulting in loss of system integrity beyond the directly compromised component. Affected processor families span EPYC 8004, 9004, and 9005 series - including embedded variants - covering AMD's current-generation server and embedded datacenter platforms. No public exploit code and no CISA KEV listing exist at time of analysis, but the elevated subsequent integrity impact (SI:H in CVSS 4.0) signals meaningful security boundary degradation, particularly relevant for confidential computing and virtualized environments where ASP integrity is foundational.