Browse CVEs
11,257 medium risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2025-12419 | Mattermost OAuth Bypass | Critical | 9.9 | Medium Risk | Patched | 27-Nov-25 |
| CVE-2025-12421 | Mattermost Authentication Bypass | Critical | 9.9 | Medium Risk | Patched | 27-Nov-25 |
| CVE-2025-54057 | Improper Neutralization of Script-Related HTML Tags in a ... | Medium | 6.1 | Medium Risk | Patched | 27-Nov-25 |
| CVE-2025-3261 | ThingsBoard in versions prior to v4.2.1 allows an authent... | Medium | 5.4 | Medium Risk | Patched | 27-Nov-25 |
| CVE-2025-12559 | Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1,... | Medium | 4.3 | Medium Risk | Patched | 27-Nov-25 |
| CVE-2025-66040 | Spotipy is a Python library for the Spotify Web API. Prio... | Low | 3.6 | Medium Risk | Patched | 27-Nov-25 |
| CVE-2025-66371 | Peppol-py XXE Attack | Medium | 5.0 | Medium Risk | Patched | 28-Nov-25 |
| CVE-2025-66372 | Mustang before 2.16.3 allows exfiltrating files via XXE a... | Low | 2.8 | Medium Risk | Patched | 28-Nov-25 |
| CVE-2025-12183 | Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0... | Unknown | - | Medium Risk | 28-Nov-25 | |
| CVE-2025-66034 | fontTools is a library for manipulating fonts, written in... | Medium | 6.3 | Medium Risk | Patched | 29-Nov-25 |