WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.5 in the `id_funcionario` parameter of the `/html/saude/profile_paciente.php` endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. Version 3.4.5 fixes the issue.

CVE Database V5

Detailed information about CVE-2025-53946: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

CVE-2025-53946: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-53946: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.

CVE-2025-53927 is a medium severity vulnerability classified under CWE-94 (Improper Control of Generation of Code, commonly known as code injection) affecting versions of the open-source AI assistant MaxKB prior to 2.0.0. MaxKB is developed by 1Panel-dev and is designed for enterprise use. The vulnerability arises from an inadequate sandbox design that attempts to restrict executable file permissions only within a specific directory. However, this restriction can be bypassed because MaxKB allows the use of Python's shutil.copy2 method to copy arbitrary commands or files into the executable directory. This bypass enables an attacker to execute arbitrary code, potentially establishing a reverse shell on the affected system. The vulnerability requires low privileges (PR:L) and user interaction (UI:R), with a network attack vector (AV:N) but high attack complexity (AC:H). The impact on confidentiality, integrity, and availability is low to medium, as indicated by the CVSS score of 4.6. The issue was resolved in MaxKB version 2.0.0 by improving sandbox restrictions to prevent such directory bypasses and unauthorized code execution. No known exploits are currently reported in the wild, but the vulnerability presents a risk if exploited, especially in enterprise environments where MaxKB is deployed.

Detailed information about CVE-2025-53927: CWE-94: Improper Control of Generation of Code ('Code Injection') in 1Panel-dev MaxKB affecting 1Panel-dev MaxKB. Get

CVE-2025-53927: CWE-94: Improper Control of Generation of Code ('Code Injection') in 1Panel-dev MaxKB - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-53927: CWE-94: Improper Control of Generation of Code ('Code Injection') in 1Panel-dev MaxKB

mailcow: dockerized is an open source groupware/email suite based on docker. A Server-Side Template Injection (SSTI) vulnerability exists in versions prior to 2025-07 in the notification template system used by mailcow for sending quota and quarantine alerts. The template rendering engine allows template expressions that may be abused to execute code in certain contexts. The issue requires admin-level access to mailcow UI to configure templates, which are automatically rendered during normal system operation. Version 2025-07 contains a patch for the issue.

CVE-2025-53909 is a critical Server-Side Template Injection (SSTI) vulnerability affecting mailcow-dockerized, an open-source groupware and email suite deployed via Docker containers. The vulnerability exists in the notification template system used by mailcow to send quota and quarantine alerts. Specifically, the template rendering engine improperly neutralizes special elements within templates, allowing crafted template expressions to be executed as code in certain contexts. This can lead to remote code execution (RCE) on the mailcow server. Exploitation requires administrative-level access to the mailcow UI to configure or modify notification templates, which are then automatically rendered during normal system operations. The vulnerability affects all versions prior to 2025-07, with the vendor releasing a patch in version 2025-07 to address the issue. The CVSS v3.1 base score is 9.1 (critical), reflecting the high impact on confidentiality, integrity, and availability, the network attack vector, low attack complexity, and the requirement for high privileges but no user interaction. Although no known exploits are currently observed in the wild, the potential for exploitation is significant due to the ability to execute arbitrary code on the server hosting mailcow. This could allow attackers to compromise mail services, access sensitive email data, pivot within the network, or disrupt email operations.

Detailed information about CVE-2025-53909: CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine in mailcow mailcow-dockerized affecti

CVE-2025-53909: CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine in mailcow mailcow-dockerized - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-53909: CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine in mailcow mailcow-dockerized

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules.

CVE-2025-51630 is a buffer overflow vulnerability identified in the TOTOLINK N350RT router firmware version 9.3.5u.6139_B20201216. The vulnerability arises from improper handling of the ePort parameter within the setIpPortFilterRules function. Buffer overflow vulnerabilities occur when a program writes more data to a buffer than it can hold, potentially overwriting adjacent memory. In this case, an attacker could craft a malicious request targeting the ePort parameter to trigger the overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code, cause a denial of service (DoS) by crashing the device, or manipulate the router’s operation. Since the vulnerability is in a network device’s firmware, exploitation could be performed remotely if the affected function is accessible via the network interface, increasing the risk. No CVSS score has been assigned yet, and no known exploits are reported in the wild. The vulnerability was reserved in mid-June 2025 and published in July 2025, indicating recent discovery. TOTOLINK N350RT is a consumer-grade wireless router commonly used in home and small office environments. The lack of a patch link suggests that a fix may not yet be available, emphasizing the importance of mitigation and monitoring. The technical details do not specify whether authentication or user interaction is required, but given the nature of the function (port filtering rules), it may be accessible via the router’s management interface or exposed services, which could be remotely exploitable if not properly secured.

Detailed information about CVE-2025-51630: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-51630: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-51630: n/a

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, making the software vulnerable to HTML injection. Version 0.6.5 fixes the issue.

Detailed information about CVE-2025-53941: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in fedify-dev hollo affe