[13/02/2026 10:30] Conexões exclusivas, luxo e sexo: Como os arquivos Epstein revelaram o mundo oculto de uma elite sem freios - O Globo

[13/02/2026 22:36] STF forma maioria contra aposentadoria especial para vigilantes - CNN Brasil

[13/02/2026 19:37] Morte é confirmada em naufrágio de lancha no Encontro das Águas, em Manaus; passageiros ficaram à deriva - ac24horas

[14/02/2026 08:01] Secretário destaca avanços em tecnologia para a segurança de Rio Branco - DIÁRIO DO ESTADO

[14/02/2026 03:21] Quebra de patentes das canetas emagrecedoras provoca polêmica - Correio Braziliense

[13/02/2026 18:09] “Nem mesmo os EUA serão fortes”, diz chanceler alemão - O Antagonista

[13/02/2026 16:39] 200 mm em 48 horas, chuvas e tempestades por todo o Carnaval na Região Sul; confira as áreas em risco - Meteored Brasil

[13/02/2026 10:24] Já fez o roteiro para o feriado? Confira a programação dos blocos do DF - Correio Braziliense

[13/02/2026 00:23] EXCLUSIVO: Justiça autoriza busca por 35 novas provas do Caso Orelha - NSC Total

[13/02/2026 13:16] Diálogos indicam pressão do Banco Master para inflar avaliação de fundos, diz PF - Brasil 247

[CVE-2025-11902] [Modified: 24-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was detected in yanyutao0402 ChanCMS up to 3.3.2. Affected by this vulnerability is the function findField of the file /cms/article/findField. Performing manipulation of the argument cid results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11903] [Modified: 24-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-60359] [Modified: 23-10-2025] [Analyzed] [V3.1 S5.5:MEDIUM] radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.

[CVE-2025-60360] [Modified: 23-10-2025] [Analyzed] [V3.1 S5.5:MEDIUM] radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.

[CVE-2025-11904] [Modified: 24-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-55085] [Modified: 27-10-2025] [Analyzed] [V3.1 S7.5:HIGH] In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.

[CVE-2025-60361] [Modified: 23-10-2025] [Analyzed] [V3.1 S3.3:LOW] radare2 v5.9.8 and before contains a memory leak in the function bochs_open.

[CVE-2025-11905] [Modified: 24-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was found in yanyutao0402 ChanCMS up to 3.3.2. This vulnerability affects the function getArticle of the file app\modules\cms\controller\gather.js. The manipulation results in code injection. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-58747] [Modified: 29-10-2025] [Analyzed] [V3.1 S6.1:MEDIUM] Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable to cross-site scripting when a victim connects to an attacker-controlled remote MCP server. The vulnerability exists in the OAuth flow implementation where the authorization_url provided by a remote MCP server is directly passed to window.open without validation or sanitization. An attacker can craft a malicious MCP server that returns a JavaScript URI (such as javascript:alert(1)) in the authorization_url field, which is then executed when the victim attempts to connect to the MCP server. This allows the attacker to execute arbitrary JavaScript in the context of the Dify application.

[CVE-2025-59043] [Modified: 24-10-2025] [Analyzed] [V3.1 S7.5:HIGH] OpenBao is an open source identity-based secrets management system. In OpenBao versions prior to 2.4.1, JSON objects after decoding may use significantly more memory than their serialized version. It is possible to craft a JSON payload to maximize the factor between serialized memory usage and deserialized memory usage, similar to a zip bomb, with factors reaching approximately 35. This can be used to circumvent the max_request_size configuration parameter which is intended to protect against denial of service attacks. The request body is parsed into a map very early in the request handling chain before authentication, which means an unauthenticated attacker can send a specifically crafted JSON object and cause an out-of-memory crash. Additionally, for requests with large numbers of strings, the audit subsystem can consume large quantities of CPU. The vulnerability is fixed in version 2.4.1.

[CVE-2025-57164] [Modified: 23-10-2025] [Analyzed] [V3.1 S6.5:MEDIUM] Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.

[CVE-2025-62419] [Modified: 24-10-2025] [Analyzed] [V3.1 S7.5:HIGH] DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE values are directly concatenated into the JDBC URL without filtering illegal parameters. This allows an attacker to inject a malicious JDBC string into the HOSTNAME field to bypass previously patched vulnerabilities CVE-2025-57773 and CVE-2025-58045. The vulnerability is fixed in version 2.10.14. No known workarounds exist.

[CVE-2025-62420] [Modified: 24-10-2025] [Analyzed] [V3.1 S8.8:HIGH] DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC driver bypass vulnerability exists in the H2 database connection handler. The getJdbc function in H2.java checks if the jdbcUrl starts with jdbc:h2 but returns a separate jdbc field as the actual connection URL. An attacker can provide a jdbcUrl that starts with jdbc:h2 while supplying a different jdbc field with an arbitrary JDBC driver and connection string. This allows an authenticated attacker to trigger arbitrary JDBC connections with malicious drivers, potentially leading to remote code execution. The vulnerability is fixed in version 2.10.14. No known workarounds exist.

[CVE-2025-62421] [Modified: 24-10-2025] [Analyzed] [V3.1 S5.4:MEDIUM] DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a stored cross-site scripting vulnerability exists due to improper file upload validation and authentication bypass. The StaticResourceApi interface defines a route upload/{fileId} that uses a URL path parameter where both the filename and extension of uploaded files are controllable by users. During permission validation, the TokenFilter invokes the WhitelistUtils#match method to determine if the URL path is in the allowlist. If the requestURI ends with .js or similar extensions, it is directly deemed safe and bypasses permission checks. This allows an attacker to access "upload/1.js" while specifying arbitrary file extensions, enabling the upload of HTML files containing malicious JavaScript. The vulnerability is fixed in version 2.10.14. No known workarounds exist.

[CVE-2025-62422] [Modified: 24-10-2025] [Analyzed] [V3.1 S8.8:HIGH] DataEase is an open source data visualization and analytics platform. In versions 2.10.13 and earlier, the /de2api/datasetData/tableField interface is vulnerable to SQL injection. An attacker can construct a malicious tableName parameter to execute arbitrary SQL commands. This issue is fixed in version 2.10.14. No known workarounds exist.

[CVE-2025-62424] [Modified: 10-11-2025] [Analyzed] [V3.1 S6.7:MEDIUM] ClipBucket is a web-based video-sharing platform. In ClipBucket version 5.5.2 - #146 and earlier, the /admin_area/template_editor.php endpoint is vulnerable to path traversal. The validation of the file-loading path is inadequate, allowing authenticated administrators to read and write arbitrary files outside the intended template directory by inserting path traversal sequences into the folder parameter. An attacker with administrator privileges can exploit this vulnerability to read sensitive files such as /etc/passwd and modify writable files on the system, potentially leading to sensitive information disclosure and compromise of the application or server. This issue is fixed in version 5.5.2 - #147.

[CVE-2025-62430] [Modified: 10-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] ClipBucket v5 is an open source video sharing platform. ClipBucket v5 through build 5.5.2 #145 allows stored cross-site scripting (XSS) in multiple video and photo metadata fields. For videos the Tags field and the Genre, Actors, Producer, Executive Producer, and Director fields in Movieinfos accept user supplied values without adequate sanitization. For photos the Photo Title and Photo Tags fields accept user supplied values without adequate sanitization. A regular user who can edit a video or photo can inject script (for example by supplying a value such as a closing delimiter followed by a script element). The injected script executes when any user, including an unauthenticated visitor or an administrator, views the affected video or photo page. Although cookies are set with the HttpOnly attribute and cannot be read directly, the injected script can issue fetch requests to endpoints such as admin_area pages and exfiltrate their contents or trigger unintended actions. Version 5.5.2 build #146 and later contain a fix. Update to build 5.5.2 #146 or later. No known workarounds exist.

[CVE-2025-11908] [Modified: 31-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-11909] [Modified: 31-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A weakness has been identified in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The impacted element is the function queryLast of the file /RepairRecord.do?Action=QueryLast. Executing manipulation of the argument orderField can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

[CVE-2025-34282] [Modified: 24-10-2025] [Analyzed] [V3.1 S9.1:CRITICAL] ThingsBoard versions < 4.2.1 contain a server-side request forgery (SSRF) vulnerability in the dashboard's Image Upload Gallery feature. An attacker can upload a malicious SVG file that references a remote URL. If the server processes the SVG file in a way that parses external references, it may initiate unintended outbound requests. This can be used to access internal services or resources.