| 266222 | Mattermost Server 10.5.x < 10.5.10 / 10.11.0 URL Redirection (MMSA-2025-00511) | medium |
| 266221 | Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.11.0 Authorization Bypass (MMSA-2025-00502) | medium |
| 266220 | Mattermost Server 10.5.x < 10.5.10 / 10.9.x < 10.9.5 / 10.10.x < 10.10.2 / 10.11.0 URL Redirection (MMSA-2025-00509) | high |
| 266219 | Mattermost Server 10.10.x < 10.10.2 / 10.11.0 Missing Authorization (MMSA-2025-00513) | medium |
| 266069 | Apache Solr 6.6.x < 9.8.0 Relative Path Traversal | medium |
| 266024 | GitLab 11.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-8014) | high |
| 265988 | GitLab 17.2 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-11042) | medium |
| 265987 | GitLab 14.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-9642) | high |
| 265982 | GitLab 18.1 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10867) | low |
| 265981 | GitLab 16.6 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-7691) | medium |
| 265961 | GitLab 17.4 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10868) | low |
| 265960 | GitLab 17.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-5069) | low |
| 265959 | GitLab 16.6 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10871) | low |
| 265958 | GitLab 14.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-9958) | medium |
| 265957 | GitLab < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10858) | high |
| 265948 | Dell Data Domain OS Command Injection (DSA-2025-159) | high |
| 265947 | Dell Data Domain OS Auth Bypass (DSA-2025-159) | critical |
| 265946 | Fortra GoAnywhere Managed File Transfer (MFT) < 7.8.1 Broken Access Control (fi-2025-009) | medium |
| 265889 | Apache Solr < 9.8.0 ConfigSet Privilege Escalation via <lib> Injection (CVE-2025-24814) | medium |
| 265789 | Dotnetnuke < 10.1.0 Stored XSS Using Backend Admin Credentials (CVE-2025-59546) | low |
| 265757 | Dotnetnuke < 10.1.0 Stored Cross-Site Scripting (XSS) in Prompt module (CVE-2025-59545) | critical |
| 265756 | Dotnetnuke < 10.1.0 Reflected Cross-Site Scripting (XSS) using url to profile (CVE-2025-59821) | medium |
| 265752 | Dotnetnuke < 10.1.0 Loading unused themes on annonymous clients through query parameters (CVE-2025-59535) | medium |
| 265721 | Dotnetnuke < 10.1.0 Stored Cross-Site Scripting (XSS) in Prompt module (GHSA-2qxc-mf4x-wr29) | high |
| 265720 | Dotnetnuke < 10.1.0 Stored XSS Using Backend Admin Credentials (GHSA-gj8m-5492-q98h) | high |
| 265718 | Dotnetnuke < 10.1.0 Reflected Cross-Site Scripting (XSS) using url to profile (GHSA-jc4g-c8ww-5738) | high |
| 265441 | Atlassian Confluence 2.0 < 8.5.24 / 8.6.x < 9.2.6 / 9.3.x < 9.5.2 / 10.0.x < 10.0.3 RCE (CONFSERVER-100795) | high |
| 265438 | Fortra GoAnywhere Managed File Transfer (MFT) < 7.6.3 / 7.7.x < 7.8.4 Deserialization (CVE-2025-10035) | critical |
| 265328 | Openfire < 5.0.2 / 5.1.0 Identity Spoofing | medium |
| 265325 | Jenkins LTS < 2.516.3 / Jenkins weekly < 2.528 Multiple Vulnerabilities | high |
| 264901 | Mattermost Server 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.4 / 10.10.x < 10.10.1 / 10.11.0 Path Traversal (MMSA-2025-00501) | medium |
| 264900 | Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.4 / 10.10.x < 10.10.1 / 10.11.0 Improper Validation (MMSA-2025-00506) | medium |
| 264899 | Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.3 / 10.10.0 Multiple Vulnerabilities (MMSA-2025-00498, MMSA-2025-00499) | medium |
| 264626 | Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.8.x < 10.8.4 / 10.9.x < 10.9.3 / 10.10.x < 10.10.1 / 10.11.0 Unrestricted Upload of File (MMSA-2025-00505) | medium |
| 264625 | Mattermost Server 10.5.x < 10.5.9 / 10.10.0 Incorrect Authorization (MMSA-2025-00470) | medium |
| 264624 | Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.10.0 Incorrect Authorization (MMSA-2025-00485) | low |
| 264600 | GitLab 10.7 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-10094) | medium |
| 264599 | GitLab 7.8 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-7337) | medium |
| 264598 | GitLab 15.1 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-6769) | medium |
| 264597 | GitLab 15.0 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-1250) | medium |
| 264596 | GitLab 7.12 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-2256) | high |
| 264595 | GitLab 16.11 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-6454) | high |
| 261788 | TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-020) | medium |
| 261786 | TYPO3 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-018) | medium |
| 261784 | TYPO3 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-023) | medium |
| 261780 | TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-022) | high |
| 261779 | TYPO3 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-019) | medium |
| 261778 | TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-021) | medium |
| 261777 | TYPO3 9.0.0 < 9.5.55 ELTS / 10.0.0 < 10.4.54 ELTS / 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-017) | medium |
| 261775 | Metabase 0.41.x < 0.41.7 / 0.42.x < 0.42.4 / 1.41.x < 1.41.7 / 1.42.x < 1.42.4 | high |
