Monthly
EDNS OPT filter bypass in DNSdist exposes backend DNS servers to EDNS extension options that DNSdist was configured to suppress. The flaw is triggered specifically by the EDNS Client Subnet (ECS) insertion code path, which silently normalizes a crafted malformed OPT record - one that evaded DNSdist's filter - into a syntactically valid OPT record forwarded to the upstream backend. No public exploit code exists and no active exploitation has been confirmed; CVSS rates this Low (3.7) reflecting both the high attack complexity and the limited integrity-only impact.
Image input manipulation in vLLM's multimodal preprocessing pipeline allows remote, unauthenticated network attackers to craft images with specific EXIF orientation or PNG tRNS transparency metadata that, when converted to RGB by vLLM, produces semantically altered image content fed to the LLM - affecting the integrity of inference outputs and potentially the reliability of the inference service. Affected deployments include Red Hat AI Inference Server across RHEL AI 3 and Red Hat OpenShift AI (RHOAI) environments. No public exploit code has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog; however, sensitive inference workloads processing user-supplied images (e.g., document classification, content moderation) face a higher practical risk from subtle input distortion attacks.
CVE-2025-5826 is a security vulnerability (CVSS 6.3) that allows network-adjacent attackers. Remediation should follow standard vulnerability management procedures.
Remote code execution vulnerability in WOLFBOX Level 2 EV Charger devices caused by improper frame parsing in the Microcontroller Unit (MCU) firmware. Network-adjacent attackers with valid authentication credentials can exploit a frame start detection flaw to misinterpret command input and execute arbitrary code with full device privileges. While no public exploit code or active KEV listing is confirmed from the provided data, the CVSS 8.0 score and requirement for authentication (not public network access) suggest moderate real-world exploitability; however, this should be verified against EPSS scores and vendor advisories for actual threat intelligence integration.
A flaw was found in libsoup. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An unhandled exception in danny-avila/librechat version 3c94ff2 can lead to a server crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
EDNS OPT filter bypass in DNSdist exposes backend DNS servers to EDNS extension options that DNSdist was configured to suppress. The flaw is triggered specifically by the EDNS Client Subnet (ECS) insertion code path, which silently normalizes a crafted malformed OPT record - one that evaded DNSdist's filter - into a syntactically valid OPT record forwarded to the upstream backend. No public exploit code exists and no active exploitation has been confirmed; CVSS rates this Low (3.7) reflecting both the high attack complexity and the limited integrity-only impact.
Image input manipulation in vLLM's multimodal preprocessing pipeline allows remote, unauthenticated network attackers to craft images with specific EXIF orientation or PNG tRNS transparency metadata that, when converted to RGB by vLLM, produces semantically altered image content fed to the LLM - affecting the integrity of inference outputs and potentially the reliability of the inference service. Affected deployments include Red Hat AI Inference Server across RHEL AI 3 and Red Hat OpenShift AI (RHOAI) environments. No public exploit code has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog; however, sensitive inference workloads processing user-supplied images (e.g., document classification, content moderation) face a higher practical risk from subtle input distortion attacks.
CVE-2025-5826 is a security vulnerability (CVSS 6.3) that allows network-adjacent attackers. Remediation should follow standard vulnerability management procedures.
Remote code execution vulnerability in WOLFBOX Level 2 EV Charger devices caused by improper frame parsing in the Microcontroller Unit (MCU) firmware. Network-adjacent attackers with valid authentication credentials can exploit a frame start detection flaw to misinterpret command input and execute arbitrary code with full device privileges. While no public exploit code or active KEV listing is confirmed from the provided data, the CVSS 8.0 score and requirement for authentication (not public network access) suggest moderate real-world exploitability; however, this should be verified against EPSS scores and vendor advisories for actual threat intelligence integration.
A flaw was found in libsoup. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An unhandled exception in danny-avila/librechat version 3c94ff2 can lead to a server crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.