Monthly
IBM Planning Analytics Local versions 2.1.0 through 2.1.17 contain a cache poisoning vulnerability (CWE-524) where attackers can manipulate the caching mechanism to store and serve sensitive, user-specific responses as publicly cacheable resources, resulting in information disclosure to unauthorized users. The vulnerability requires low attack complexity and user interaction but only affects confidentiality with a CVSS score of 5.7. A patch is available from the vendor, and this represents a moderate-priority issue requiring prompt remediation in production environments handling sensitive analytical data.
Flask versions 3.1.2 and earlier fail to set proper cache headers when the session object is accessed through certain methods like the Python `in` operator, allowing cached responses containing user-specific session data to be served to other users. An attacker can exploit this to access sensitive information from cached responses if the application runs behind a caching proxy that doesn't ignore Set-Cookie headers. This requires the vulnerable application to lack explicit Cache-Control headers and access session data in ways that bypass normal cache-control logic.
Mastodon versions prior to 4.3.19, 4.4.13, and 4.5.6 are vulnerable to web cache poisoning in ActivityPub endpoints when AUTHORIZED_FETCH is enabled, allowing cached responses to be served across different user contexts regardless of request signing. An attacker could exploit this to view content intended for non-blocked accounts or cause blocked users to receive empty responses meant for them, potentially bypassing access controls. No patch is currently available for affected deployments.
Hono versions up to 4.11.7 contains a vulnerability that allows attackers to private or authenticated responses being cached and subsequently exposed to unau (CVSS 5.3).
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. [CVSS 5.5 MEDIUM]
Improper cache handling in macOS allows attackers with physical access to recover deleted notes from memory. The vulnerability affects macOS Sequoia (before 15.7.2), macOS Sonoma (before 14.8.2), and macOS Tahoe (before 26.2), exposing sensitive user data through inadequate data sanitization. No public exploit code has been identified, and the extremely low EPSS score (0.02%) reflects the requirement for physical device access, making real-world exploitation unlikely outside of targeted scenarios involving stolen or temporarily compromised hardware.
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.
CVE-2025-5141 is a security vulnerability (CVSS 5.5) that allows low privilege local users. Remediation should follow standard vulnerability management procedures.
IBM Planning Analytics Local versions 2.1.0 through 2.1.17 contain a cache poisoning vulnerability (CWE-524) where attackers can manipulate the caching mechanism to store and serve sensitive, user-specific responses as publicly cacheable resources, resulting in information disclosure to unauthorized users. The vulnerability requires low attack complexity and user interaction but only affects confidentiality with a CVSS score of 5.7. A patch is available from the vendor, and this represents a moderate-priority issue requiring prompt remediation in production environments handling sensitive analytical data.
Flask versions 3.1.2 and earlier fail to set proper cache headers when the session object is accessed through certain methods like the Python `in` operator, allowing cached responses containing user-specific session data to be served to other users. An attacker can exploit this to access sensitive information from cached responses if the application runs behind a caching proxy that doesn't ignore Set-Cookie headers. This requires the vulnerable application to lack explicit Cache-Control headers and access session data in ways that bypass normal cache-control logic.
Mastodon versions prior to 4.3.19, 4.4.13, and 4.5.6 are vulnerable to web cache poisoning in ActivityPub endpoints when AUTHORIZED_FETCH is enabled, allowing cached responses to be served across different user contexts regardless of request signing. An attacker could exploit this to view content intended for non-blocked accounts or cause blocked users to receive empty responses meant for them, potentially bypassing access controls. No patch is currently available for affected deployments.
Hono versions up to 4.11.7 contains a vulnerability that allows attackers to private or authenticated responses being cached and subsequently exposed to unau (CVSS 5.3).
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. [CVSS 5.5 MEDIUM]
Improper cache handling in macOS allows attackers with physical access to recover deleted notes from memory. The vulnerability affects macOS Sequoia (before 15.7.2), macOS Sonoma (before 14.8.2), and macOS Tahoe (before 26.2), exposing sensitive user data through inadequate data sanitization. No public exploit code has been identified, and the extremely low EPSS score (0.02%) reflects the requirement for physical device access, making real-world exploitation unlikely outside of targeted scenarios involving stolen or temporarily compromised hardware.
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.
CVE-2025-5141 is a security vulnerability (CVSS 5.5) that allows low privilege local users. Remediation should follow standard vulnerability management procedures.