Advisory Week


Week 14, 2025
National Cyber Awareness System
 
Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities
CISA Releases Ten Industrial Control Systems Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
Adobe Security Bulletins and Advisories
 
Security updates available for Adobe Photoshop | APSB25-30
Security Updates Available for Adobe Commerce | APSB25-26
Security updates available for Adobe ColdFusion | APSB25-15
Security Updates Available for Adobe Media Encoder | APSB25-24
Security Updates Available for Adobe Bridge | APSB25-25
Security updates available for Adobe Experience Manager | APSB25-27
Security updates available for Adobe Animate | APSB25-31
Security updates available for Adobe Experience Manager Screens | APSB25-32
Security Updates Available for Adobe Framemaker | APSB25-33
Security updates available for Adobe XMP Toolkit SDK | APSB25-34
Ubuntu Security Notices
 
libsoup vulnerabilities: USN-7432-1
HAProxy vulnerability: USN-7431-1
Dino vulnerability: USN-7430-1
OpenSC vulnerabilities: USN-7346-3
poppler vulnerabilities: USN-7426-2 / USN-7426-1
Linux kernel (FIPS) vulnerabilities: USN-7429-2 / USN-7428-2 / USN-7408-3
Linux kernel vulnerabilities: USN-7429-1 / USN-7428-1 / USN-7402-4
Erlang vulnerability: USN-7425-1
Expat vulnerability: USN-7424-1
GNU binutils vulnerabilities: USN-7423-1
Linux kernel (NVIDIA Tegra IGX) vulnerabilities: USN-7406-6
Linux kernel (HWE) vulnerabilities: USN-7408-4
FIS-GT.M vulnerabilities: USN-7422-1
Linux kernel (Azure) vulnerabilities: USN-7421-1 / USN-7420-1
Linux kernel (NVIDIA) vulnerabilities: USN-7406-5
Ruby vulnerabilities: USN-7418-1
Vim vulnerabilities: USN-7419-1
Tomcat vulnerability: USN-7410-1
libdbd-mysql-perl vulnerabilities: USN-7417-1
Kamailio vulnerabilities: USN-7416-1
Red Hat Security Advisory
 
Important: OpenShift Container Platform 4.12.75 packages and security update: RHSA-2025:3573
Important: OpenShift Container Platform 4.18.8 bug fix and security update: RHSA-2025:3577
Important: delve and golang security update: RHSA-2025:3773
Moderate: go-toolset:rhel8 security update: RHSA-2025:3772
Important: OpenShift Container Platform 4.14.50 bug fix and security update: RHSA-2025:3569
Important: Red Hat Advanced Cluster Management 2.13.2 container image updates: RHSA-2025:3763
Important: webkit2gtk3 security update: RHSA-2025:3756 / RHSA-2025:3755 / RHSA-2025:3713
Important: OpenShift Container Platform 4.17.24 bug fix and security update: RHSA-2025:3565
Important: OpenShift Container Platform 4.14.50 security and extras update: RHSA-2025:3568
Important: multicluster engine for Kubernetes 2.8.1 container image updates: RHSA-2025:3720
Important: updated discovery container images: RHSA-2025:3709
Important: opentelemetry-collector security update: RHSA-2025:3698
Important: Red Hat Edge Manager Version 0.5.1 (Technology Preview) security fixes: RHSA-2025:3685
Moderate: tomcat security update: RHSA-2025:3684 / RHSA-2025:3683 / RHSA-2025:3647 / RHSA-2025:3646 / RHSA-2025:3645
Important: python-jinja2 security update: RHSA-2025:3671 / RHSA-2025:3622
Moderate: redhat-ds:12 security update: RHSA-2025:3670
Moderate: Red Hat OpenStack Platform 17.1 (openstack-ironic) security update: RHSA-2025:3482
Moderate: Red Hat JBoss Web Server 6.1.0 release and security update: RHSA-2025:3609
Important: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update: RHSA-2025:3637
Important: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update: RHSA-2025:3636
Important: Red Hat Ceph Storage 8.0 security, bug fix, and enhancement updates: RHSA-2025:3635
Low: python3.11 security update: RHSA-2025:3634
Low: python3.12 security update: RHSA-2025:3631
Important: gimp security update: RHSA-2025:3629 / RHSA-2025:3617
Important: firefox security update: RHSA-2025:3628 / RHSA-2025:3623 / RHSA-2025:3620
Important: libxslt security update: RHSA-2025:3627 / RHSA-2025:3626 / RHSA-2025:3619 / RHSA-2025:3615 / RHSA-2025:3614 / RHSA-2025:3613 / RHSA-2025:3612
Important: grafana security update: RHSA-2025:3616
Microsoft Security
 
Microsoft April 2025 Security Update Guide
CVE-2025-26682 ASP.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2025-24062 Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-24060 Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-29819 Windows Admin Center in Azure Portal Information Disclosure Vulnerability
CVE-2025-29811 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2025-20570 Visual Studio Code Elevation of Privilege Vulnerability
CVE-2025-29812 DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2025-29816 Microsoft Word Security Feature Bypass Vulnerability
CVE-2025-29805 Outlook for Android Information Disclosure Vulnerability
CVE-2025-29810 Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2025-29809 Windows Kerberos Security Feature Bypass Vulnerability
CVE-2025-29808 Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2025-29801 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2025-29804 Visual Studio Elevation of Privilege Vulnerability
CVE-2025-29800 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2025-29802 Visual Studio Elevation of Privilege Vulnerability
CVE-2025-27738 Windows Resilient File System (ReFS) Information Disclosure Vulnerability
CVE-2025-27739 Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
CVE-2025-27736 Windows Power Dependency Coordinator Information Disclosure Vulnerability
CVE-2025-27737 Windows Security Zone Mapping Security Feature Bypass Vulnerability
CVE-2025-27733 NTFS Elevation of Privilege Vulnerability
CVE-2025-27735 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
CVE-2025-27730 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-27732 Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-27729 Windows Shell Remote Code Execution Vulnerability
CVE-2025-27728 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2025-27731 Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability
CVE-2025-27490 Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-27727 Windows Installer Elevation of Privilege Vulnerability
CVE-2025-27492 Windows Secure Channel Elevation of Privilege Vulnerability
CVE-2025-27491 Windows Hyper-V Remote Code Execution Vulnerability
CVE-2025-27489 Azure Local Elevation of Privilege Vulnerability
CVE-2025-27486 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-27483 NTFS Elevation of Privilege Vulnerability
CVE-2025-27487 Remote Desktop Client Remote Code Execution Vulnerability
CVE-2025-27481 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-27482 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-27484 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
CVE-2025-27480 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-27467 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-27469 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2025-27485 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-26678 Windows Defender Application Control Security Feature Bypass Vulnerability
CVE-2025-26679 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
CVE-2025-26675 Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2025-26676 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26672 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26673 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2025-26671 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-26674 Windows Media Remote Code Execution Vulnerability
CVE-2025-26651 Windows Local Session Manager (LSM) Denial of Service Vulnerability
CVE-2025-26652 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-26670 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability
CVE-2025-26647 Windows Kerberos Elevation of Privilege Vulnerability
CVE-2025-26644 Windows Hello Spoofing Vulnerability
CVE-2025-26648 Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-26649 Windows Secure Channel Elevation of Privilege Vulnerability
CVE-2025-26640 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-26641 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-26637 BitLocker Security Feature Bypass Vulnerability
CVE-2025-26642 Microsoft Office Remote Code Execution Vulnerability
CVE-2025-26639 Windows USB Print Driver Elevation of Privilege Vulnerability
CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability
CVE-2025-25002 Azure Local Cluster Information Disclosure Vulnerability
CVE-2025-26628 Azure Local Cluster Information Disclosure Vulnerability
CVE-2025-21222 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-24058 Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-21203 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-21204 Windows Process Activation Elevation of Privilege Vulnerability
CVE-2025-21221 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21191 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2025-21205 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21174 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-21197 Windows NTFS Information Disclosure Vulnerability
CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-24073 Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-29823 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-29824 Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2025-29822 Microsoft OneNote Security Feature Bypass Vulnerability
CVE-2025-29794 Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2025-29821 Microsoft Dynamics Business Central Information Disclosure Vulnerability
CVE-2025-29820 Microsoft Word Remote Code Execution Vulnerability
CVE-2025-29793 Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2025-29792 Microsoft Office Elevation of Privilege Vulnerability
CVE-2025-27750 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-29791 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27751 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27752 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27749 Microsoft Office Remote Code Execution Vulnerability
CVE-2025-27743 Microsoft System Center Elevation of Privilege Vulnerability
CVE-2025-27746 Microsoft Office Remote Code Execution Vulnerability
CVE-2025-27748 Microsoft Office Remote Code Execution Vulnerability
CVE-2025-27747 Microsoft Word Remote Code Execution Vulnerability
CVE-2025-27742 NTFS Information Disclosure Vulnerability
CVE-2025-27745 Microsoft Office Remote Code Execution Vulnerability
CVE-2025-27741 NTFS Elevation of Privilege Vulnerability
CVE-2025-27744 Microsoft Office Elevation of Privilege Vulnerability
CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability
CVE-2025-27740 Active Directory Certificate Services Elevation of Privilege Vulnerability
CVE-2025-27477 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-27478 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2025-27474 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-27476 Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-27475 Windows Update Stack Elevation of Privilege Vulnerability
CVE-2025-27473 HTTP.sys Denial of Service Vulnerability
CVE-2025-27472 Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2025-27471 Microsoft Streaming Service Denial of Service Vulnerability
CVE-2025-27470 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-26687 Win32k Elevation of Privilege Vulnerability
CVE-2025-26688 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVE-2025-26680 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-26686 Windows TCP/IP Remote Code Execution Vulnerability
CVE-2025-26668 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-26681 Win32k Elevation of Privilege Vulnerability
CVE-2025-26669 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26667 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26666 Windows Media Remote Code Execution Vulnerability
CVE-2025-26665 Windows upnphost.dll Elevation of Privilege Vulnerability
CVE-2025-26664 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26663 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Jenkins Security Advisories
 
Jenkins Security Advisory 2025-04-10
Github Security Advisories
 
[GHSA-f87w-3j5w-v58p] CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows
[GHSA-vrq4-9hc3-cgp7] TigerVNC accessible via the network and not just via a UNIX socket as intended
[GHSA-m454-3xv7-qj85] CVE-2025-1386 - Query smuggling in ch-go library
[GHSA-2xm2-23ff-p8ww] Formie has XSS vulnerability for email notification content for preview
[GHSA-p9hh-mh5x-wvx3] Formie has XSS vulnerability for importing forms
[GHSA-5q9x-554g-9jgg] SurrealDB bypass of deny-net flags via redirect results in server-side request forgery (SSRF)
[GHSA-pxw4-94j3-v9pf] SurrealDB CPU exhaustion via custom functions result in total DoS
[GHSA-3824-qmfq-2qv7] SurrealDB no JavaScript script function default timeout could facilitate DoS
[GHSA-3633-g6mg-p6qq] SurrealDB memory exhaustion via string::replace using regex
[GHSA-ccj3-5p93-8p42] SurrealDB server-takeover via SurrealQL injection on backup import
[GHSA-356w-63v5-8wf4] Vite has an `server.fs.deny` bypass with an invalid `request-target`
[GHSA-7r2v-8wxr-3ch5] Yii does not prevent XSS in scenarios where fallback error renderer is used
[GHSA-2cvj-g5r5-jrrg] SurrealDB has local file read of 2-column TSV files via analyzers
[GHSA-m7rc-8w7m-r9qr] SurrealDB vulnerable to memory exhaustion via nested functions and scripts
[GHSA-rq86-9m6r-cm3g] SurrealDB has uncaught exception in Net module that leads to database crash
[GHSA-256q-hx8w-xcqx] Silverstripe Framework user enumeration via timing attack on login and password reset forms
[GHSA-5xqw-8hwv-wg92] Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
[GHSA-4hfp-h4cw-hj8p] Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination
[GHSA-rhx4-hvx9-j387] Silverstripe Framework has a XSS vulnerability in HTML editor
[GHSA-x8xm-c7p8-2pj2] Silverstripe cross-site scripting (XSS) attack in elemental "Content blocks in use" report
[GHSA-cj3w-g42v-wcj6] ibexa/fieldtype-richtext allows access to external entities in XML
[GHSA-2jqj-5qv2-xvcg] ezsystems/ezplatform-richtext allows access to external entities in XML
[GHSA-rpq8-q44m-2rpg] Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs
[GHSA-4h9w-7vfp-px8m] Shopware default newsletter opt-in settings allow for mass sign-up abuse
[GHSA-5pm7-cp8f-p2c2] wallabag/wallabag Has Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities
[GHSA-389x-67px-mjg3] xgrammar Vulnerable to Denial of Service (DoS) by abusing unbounded cache in memory
[GHSA-6jrf-4jv4-r9mw] tendermint-rs's Light Client Verifier allows malicious validators to spoof votes from other validators
[GHSA-x2rg-q646-7m2v] Koajs vulnerable to Cross-Site Scripting (XSS) at ctx.redirect() function
[GHSA-7v4r-c989-xh26] BentoML's runner server Vulnerable to Remote Code Execution (RCE) via Insecure Deserialization
[GHSA-3f7v-qx94-666m] DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF)
[GHSA-fmhh-rw3h-785m] bep/imagemeta allows a potentially large memory allocation in PNG and WebP parsing
[GHSA-q7rw-w4cq-2j6w] bep/imagemeta allows excessively large EXIF data structures
[GHSA-9r25-rp3p-h2w4] crud-query-parser SQL Injection vulnerability
[GHSA-q62r-8ppj-xvf4] Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users
[GHSA-wr2m-38xh-rpc9] Lemmy user purging users or communities or banning users can delete images they didn't upload/exclusively use
[GHSA-68wv-g3fw-pq7q] Shopware Broken ACL on Document retrieval to access other customers documents
[GHSA-8g35-7rmw-7f59] Shopware Vulnerable to Blind SQL-injection in DAL aggregations
[GHSA-x82r-6j37-vrgg] Pimcore's Admin Classic Bundle allows HTML Injection
[GHSA-cgfj-hj93-rmh2] Shopware allows Denial Of Service via password length
[GHSA-hh7j-6x3q-f52h] Shopware 6 allows attackers to check for registered accounts through the store-api
[GHSA-p4qw-7j9g-5h53] ts-asn1-der has Incorrect DER Encoding of Numbers Leading to Denial of Service and Incorrect Value Representation
[GHSA-v7x6-rv5q-mhwc] Picklescan missing detection when calling built-in python library function timeit.timeit()
[GHSA-f7f6-9jq7-3rqj] estree-util-value-to-estree allows prototype pollution in generated ESTree
[GHSA-7mpv-9xg6-5r79] Apollo Compiler Named Fragment Processing Vulnerability
[GHSA-p2q6-pwh5-m6jr] Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass
[GHSA-q2f9-x4p4-7xmh] Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
[GHSA-3j43-9v8v-cp3f] Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment Processing
[GHSA-84m6-5m72-45fp] Apollo Router Operation Limits Vulnerable to Bypass via Integer Overflow
[GHSA-75m2-jhh5-j5g2] Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
[GHSA-94hh-jmq8-2fgp] Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass
[GHSA-9c4c-g95m-c8cp] FlowiseDB vulnerable to SQL Injection by authenticated users
[GHSA-fj43-3qmq-673f] Picklescan failed to detect to some unsafe global function in Numpy library
[GHSA-93mv-x874-956g] Picklescan Vulnerable to Exfiltration via DNS via linecache and ssl.get_server_certificate
[GHSA-hpqf-m68j-2pfx] js-object-utilities Vulnerable to Prototype Pollution
[GHSA-qp8j-p87f-c8cc] LNbits Lightning Network Payment System Vulnerable to Server-Side Request Forgery via LNURL Authentication Callback
[GHSA-p5g4-v748-6fh8] tarteaucitron.js allows url scheme injection via unfiltered inputs
[GHSA-794x-2rpg-rfgr] Jujutsu does not have SHA-1 collision detection
[GHSA-4hwx-xcc5-2hfc] tarteaucitron.js allows prototype pollution via custom text injection
[GHSA-7524-3396-fqv3] tarteaucitron.js allows UI manipulation via unrestricted CSS injection
[GHSA-q7g5-jq6p-6wvx] Graylog's Authenticated HTTP inputs ingest message even if Authorization header is missing or has wrong value
Spring Security Advisories
 
CVE-2025-22232 (Medium): Spring Cloud Config Server May Not Use Vault Token Sent By Clients
CISA Known Exploited Vulnerabilities
 
CrushFTP Authentication Bypass Vulnerability CVE-2025-31161
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability CVE-2025-29824
Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability CVE-2025-30406
Linux Kernel Out-of-Bounds Read Vulnerability CVE-2024-53150
Linux Kernel Out-of-Bounds Access Vulnerability CVE-2024-53197

The Known Exploited Vulnerabilities list contains vulnerabilities that are known to be actively exploited; they are not necessarily new or recently discovered. The entries above were added to the catalog in the past week.
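The "added in the past week" window above is something a practitioner will want to reproduce from CISA's machine-readable catalog rather than from a newsletter. The following is an added example, not code from this page or from CISA: it parses a feed in the shape of CISA's public KEV JSON (a top-level `vulnerabilities` list whose entries carry `cveID`, `vendorProject`, `product`, `vulnerabilityName`, `dateAdded` and `dueDate`; the live file is at https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json) and returns the entries added inside a date window. The embedded sample feed is constructed for offline use: its CVE IDs are taken from the KEV section above plus one older entry (Log4Shell) so the filter has something to exclude, and the `dateAdded`/`dueDate` values are illustrative, not a claim about CISA's actual catalog dates. The function names are this example's own.

```python
"""
Filter a CISA KEV-format feed for entries added in a date window.
Added example; not part of the Advisory Week page or of CISA's tooling.
"""
import json
from datetime import date, timedelta

# Constructed sample in the KEV feed shape. CVE IDs come from the newsletter's
# KEV section plus Log4Shell as an old entry; the dates are illustrative only.
SAMPLE_FEED = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed sample)",
    "vulnerabilities": [
        {"cveID": "CVE-2025-31161", "vendorProject": "CrushFTP", "product": "CrushFTP",
         "vulnerabilityName": "CrushFTP Authentication Bypass Vulnerability",
         "dateAdded": "2025-04-07", "dueDate": "2025-04-28"},
        {"cveID": "CVE-2025-29824", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability",
         "dateAdded": "2025-04-08", "dueDate": "2025-04-29"},
        {"cveID": "CVE-2025-30406", "vendorProject": "Gladinet", "product": "CentreStack",
         "vulnerabilityName": "Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability",
         "dateAdded": "2025-04-08", "dueDate": "2025-04-29"},
        {"cveID": "CVE-2024-53150", "vendorProject": "Linux", "product": "Kernel",
         "vulnerabilityName": "Linux Kernel Out-of-Bounds Read Vulnerability",
         "dateAdded": "2025-04-09", "dueDate": "2025-04-30"},
        {"cveID": "CVE-2024-53197", "vendorProject": "Linux", "product": "Kernel",
         "vulnerabilityName": "Linux Kernel Out-of-Bounds Access Vulnerability",
         "dateAdded": "2025-04-09", "dueDate": "2025-04-30"},
        {"cveID": "CVE-2021-44228", "vendorProject": "Apache", "product": "Log4j2",
         "vulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability",
         "dateAdded": "2021-12-10", "dueDate": "2021-12-24"},
    ],
})


def _as_date(value):
    """Accept either a date or an ISO 'YYYY-MM-DD' string (the feed uses strings)."""
    return value if isinstance(value, date) else date.fromisoformat(value)


def load_kev(raw: str) -> list:
    """Parse a KEV-format JSON document and return its vulnerability entries."""
    return json.loads(raw)["vulnerabilities"]


def added_between(entries, start, end) -> list:
    """Entries whose dateAdded falls in the inclusive window [start, end],
    ordered oldest first and then by CVE ID so output is stable."""
    start, end = _as_date(start), _as_date(end)
    hits = [e for e in entries if start <= _as_date(e["dateAdded"]) <= end]
    return sorted(hits, key=lambda e: (e["dateAdded"], e["cveID"]))


def added_in_past_week(entries, today) -> list:
    """The newsletter's window: everything added in the seven days up to 'today'."""
    today = _as_date(today)
    return added_between(entries, today - timedelta(days=7), today)


def cve_ids(entries) -> list:
    """Just the CVE IDs, in the order given."""
    return [e["cveID"] for e in entries]


def overdue(entries, today) -> list:
    """Entries whose BOD 22-01 dueDate has already passed as of 'today'."""
    today = _as_date(today)
    return [e for e in entries if _as_date(e["dueDate"]) < today]


if __name__ == "__main__":
    feed = load_kev(SAMPLE_FEED)
    for e in added_in_past_week(feed, "2025-04-11"):
        print(e["dateAdded"], e["cveID"], e["vulnerabilityName"])
```

To run it against the real catalog, replace `SAMPLE_FEED` with the downloaded feed text; the filter is the same. Checking `overdue()` against the same feed is a cheap way to spot entries whose remediation deadline has lapsed.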

Switch to Daily Mode
We're thrilled to announce the launch of AdvisoryDaily, a once-a-day version of this newsletter.
