CERT Vulnerability Notes Database

Published	Public	Updated	ID	Title
2025-10-28	2025-10-28	2025-10-28	VU#517845	Authenticated SMTP users may spoof other identities due to ambiguous “From” header interpretation
2025-06-10	2025-06-10	2025-10-30	VU#282450	Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation
2025-08-13	2025-08-13	2025-11-05	VU#767506	HTTP/2 implementations are vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames
2025-11-11	2025-11-11	2025-11-11	VU#579478	Lite XL Arbitrary Code Execution via Project Module and Legacy system.exec Function
2025-11-11	2025-11-11	2025-11-11	VU#553375	Unprotected temporary directories in Wolfram Cloud version 14.2 may result in privilege escalation
2025-11-20	2025-11-20	2025-11-20	VU#268029	Tenda N300 Wi-Fi 4G LTE Router 4G03 Pro impacted by vulnerabilities
2025-11-07	2025-11-07	2025-11-21	VU#263614	Vulnerability in expr-eval JavaScript library can lead to arbitrary code execution
2025-11-24	2025-11-24	2025-11-24	VU#649739	Lack of Sufficient Guardrails Lead to Excessive Agency (LLM08) in Some LLM Applications
2025-11-25	2025-11-25	2025-11-25	VU#521113	Forge JavaScript library impacted by a vulnerability in signature verification.
2025-11-24	2025-11-18	2025-11-28	VU#761751	Fluent Bit contains five vulnerabilities, including stack buffer overflow, authentication bypass, and path traversa
2025-12-01	2025-12-01	2025-12-01	VU#633103	Insufficient Session Cookie Invalidation in nopCommerce ASP.NET Core eCommerce Platform

Software Engineering Institute