[25/04/2026 22:10] Trump é retirado de jantar com correspondentes após suspeita de tiros - Correio Braziliense

[25/04/2026 10:40] Irã entrega exigências para acordo de cessar-fogo no Oriente Médio - Jovem Pan

[25/04/2026 08:50] Nikolas critica capacidade cognitiva de Jair Renan: “Toupeira cega” - Poder360

[25/04/2026 16:16] Zema cogita acionar Justiça contra Gilmar: "Fala ofensiva, xenofóbica" - CNN Brasil

[25/04/2026 16:18] EUA ou China? Avanço da IA coloca Brasil em um dilema - Olhar Digital

[25/04/2026 16:29] Ginecologista é preso suspeito de estuprar 23 mulheres em Goiás - Estado de Minas

[25/04/2026 15:32] Se eu tivesse juízo não disputaria mais a Presidência, diz Ciro Gomes - O Antagonista

[25/04/2026 04:30] Messias conta votos e adota tom conciliador para tentar aprovação ao STF - CNN Brasil

[25/04/2026 13:58] Sem 6 X 1, comércio “vai poder contratar folguista”, diz Boulos - Poder360

[25/04/2026 16:00] Dia mais frio do ano já tem data para chegar e Brasil pode ter mínimas de 0°C; veja onde - ND Mais

[CVE-2025-66203] [Modified: 09-03-2026] [Analyzed] [V3.1 S9.9:CRITICAL] StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution (RCE) vulnerability exists in the stream-vault application (SpiritApplication). The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without sufficient validation. These arguments are stored globally and subsequently used in YtDlpUtil.java when constructing the command line to execute yt-dlp. This issue has been patched in version 251126.

[CVE-2025-68148] [Modified: 31-12-2025] [Analyzed] [V3.1 S4.3:MEDIUM] FreshRSS is a free, self-hostable RSS aggregator. From version 1.27.0 to before 1.28.0, An attacker could globally deny access to feeds via proxy modifying to 429 Retry-After for a large list of feeds on given instance, making it unusable for majority of users. This issue has been patched in version 1.28.0.

[CVE-2025-68473] [Modified: 22-01-2026] [Analyzed] [V3.1 S8.6:HIGH] ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the ESP-IDF Bluetooth host stack (BlueDroid), the function bta_dm_sdp_result() used a fixed-size array uuid_list[32][MAX_UUID_SIZE] to store discovered service UUIDs during the SDP (Service Discovery Protocol) process. On modern Bluetooth devices, it is possible for the number of available services to exceed this fixed limit (32). In such cases, if more than 32 services are discovered, subsequent writes to uuid_list could exceed the bounds of the array, resulting in a potential out-of-bounds write condition.

[CVE-2025-68474] [Modified: 22-01-2026] [Analyzed] [V3.1 S7.6:HIGH] ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrc_vendor_msg() function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRC_MIN_CMD_LEN (20 bytes). However, the actual fixed header data written before the vendor payload exceeds this value. This totals 29 bytes written before p_msg->p_vendor_data is copied. Using the old AVRC_MIN_CMD_LEN could allow an out-of-bounds write if vendor_len approaches the buffer limit. For commands where vendor_len is large, the original buffer allocation may be insufficient, causing writes beyond the allocated memory. This can lead to memory corruption, crashes, or other undefined behavior. The overflow could be larger when assertions are disabled.

[CVE-2025-68932] [Modified: 31-12-2025] [Analyzed] [V3.1 S9.8:CRITICAL] FreshRSS is a free, self-hostable RSS aggregator. Prior to version 1.28.0, FreshRSS uses cryptographically weak random number generators (mt_rand() and uniqid()) to generate remember-me authentication tokens and challenge-response nonces. This allows attackers to predict valid session tokens, leading to account takeover through persistent session hijacking. The remember-me tokens provide permanent authentication and are the sole credential for "keep me logged in" functionality. This issue has been patched in version 1.28.0.

[CVE-2025-59946] [Modified: 30-01-2026] [Analyzed] [V3.1 S7.5:HIGH] NanoMQ MQTT Broker (NanoMQ) is an Edge Messaging Platform. Prior to version 0.24.2, there is a classical data racing issue about sub info list which could result in heap use after free crash. This issue has been patched in version 0.24.2.

[CVE-2025-68927] [Modified: 02-01-2026] [Analyzed] [V3.1 S6.1:MEDIUM] Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/{id}/notes, the backend automatically wraps user input in <p> tags. However, by intercepting the request and removing the <p> tag, an attacker can inject arbitrary HTML elements such as forms and images, which are then stored and rendered without proper sanitization. This can lead to phishing, CSRF-style forced actions, and UI redress attacks. This issue has been patched in version 0.8.6-beta.

[CVE-2025-68948] [Modified: 02-01-2026] [Analyzed] [V3.1 S8.1:HIGH] SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode is stored within the session cookie, an attacker who intercepts or obtains a user's encrypted session cookie (e.g., via session hijacking) can locally decrypt it using the public key. Once decrypted, the attacker can retrieve the AccessAuthCode in plain text and use it to authenticate or take over the session.

[CVE-2025-68952] [Modified: 19-02-2026] [Analyzed] [V3.1 S9.8:CRITICAL] Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution (RCE) vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction (1-click). This issue has been patched in version 0.0.61.

[CVE-2025-15105] [Modified: 31-12-2025] [Analyzed] [V3.1 S3.7:LOW] A security flaw has been discovered in getmaxun maxun up to 0.0.28. Impacted is an unknown function of the file /getmaxun/maxun/blob/develop/server/src/routes/auth.ts. Performing manipulation of the argument api_key results in use of hard-coded cryptographic key . Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is considered difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-15106] [Modified: 31-12-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A weakness has been identified in getmaxun maxun up to 0.0.28. The affected element is the function router.get of the file server/src/routes/auth.ts of the component Authentication Endpoint. Executing manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-15107] [Modified: 31-12-2025] [Analyzed] [V3.1 S3.7:LOW] A security vulnerability has been detected in actiontech sqle up to 4.2511.0. The impacted element is an unknown function of the file sqle/utils/jwt.go of the component JWT Secret Handler. The manipulation of the argument JWTSecretKey leads to use of hard-coded cryptographic key . The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report and is planning to fix this flaw in an upcoming release.

[CVE-2025-54322] [Modified: 09-01-2026] [Analyzed] [V3.1 S10.0:CRITICAL] Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.

[CVE-2025-14177] [Modified: 08-01-2026] [Analyzed] [V3.1 S7.5:HIGH] In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.

[CVE-2025-14180] [Modified: 09-01-2026] [Analyzed] [V3.1 S7.5:HIGH] In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.

[CVE-2025-68972] [Modified: 09-01-2026] [Analyzed] [V3.1 S5.9:MEDIUM] In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

[CVE-2025-15118] [Modified: 07-01-2026] [Analyzed] [V3.1 S4.3:MEDIUM] A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of the file /member/address/update/ of the component Member Endpoint. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

[CVE-2025-15119] [Modified: 07-01-2026] [Analyzed] [V3.1 S3.1:LOW] A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper authorization. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-15120] [Modified: 30-12-2025] [Analyzed] [V3.1 S3.1:LOW] A flaw has been found in JeecgBoot up to 3.9.0. Impacted is the function getDeptRoleList of the file /sys/sysDepartRole/getDeptRoleList. This manipulation of the argument departId causes improper authorization. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-15121] [Modified: 30-12-2025] [Analyzed] [V3.1 S2.4:LOW] A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDeptRoleByUserId of the file /sys/sysDepartRole/getDeptRoleByUserId. Such manipulation of the argument departId leads to information disclosure. The vendor was contacted early about this disclosure but did not respond in any way.