Advisory Week


Week 17, 2025
National Cyber Awareness System
 
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Releases Two Industrial Control Systems Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Releases Three Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog
Mozilla Security Advisories
 
Security Vulnerabilities fixed in Thunderbird ESR 128.10 mfsa2025-32
Security Vulnerabilities fixed in Thunderbird 138 mfsa2025-31
Security Vulnerabilities fixed in Firefox ESR 115.23 mfsa2025-30
Security Vulnerabilities fixed in Firefox ESR 128.10 mfsa2025-29
Security Vulnerabilities fixed in Firefox 138 mfsa2025-28
Ubuntu Security Notices
 
Linux kernel (Xilinx ZynqMP) vulnerabilities: USN-7475-1 / USN-7461-3
Docker vulnerabilities: USN-7474-1
Micropython vulnerabilities: USN-7472-1
Ghostscript vulnerability: USN-7473-1
PostgreSQL vulnerability: USN-7315-2
H2O vulnerability: USN-7469-4
poppler vulnerabilities: USN-7471-1
GNU binutils vulnerabilities: USN-7423-2
Node.js vulnerability: USN-7469-3
Linux kernel (AWS) vulnerabilities: USN-7455-5
libxml2 vulnerabilities: USN-7467-2 / USN-7467-1
Apache Tomcat vulnerability: USN-7469-2
Apache Traffic Server vulnerability: USN-7469-1
Linux kernel (Azure, N-Series) vulnerabilities: USN-7468-1
Linux kernel (GCP) vulnerabilities: USN-7459-2
Mistral vulnerabilities: USN-7465-1
KiCad vulnerabilities: USN-7466-1
Jupyter Notebook vulnerability: USN-7464-1
Red Hat Security Advisory
 
Important: OpenShift Container Platform 4.18.11 bug fix and security update: RHSA-2025:4211
Important: thunderbird security update: RHSA-2025:4389 / RHSA-2025:4229
Moderate: ghostscript security update: RHSA-2025:4362
Important: OpenShift Container Platform 4.14.51 bug fix and security update: RHSA-2025:4177
Important: OpenShift Container Platform 4.17.27 bug fix and security update: RHSA-2025:4204
Important: OpenShift Container Platform 4.17.27 security and extras update: RHSA-2025:4203
Important: kernel-rt security update: RHSA-2025:4340
Important: Red Hat build of Keycloak 26.0.11 Update: RHSA-2025:4336
Important: Red Hat build of Keycloak 26.0.11 Images Update: RHSA-2025:4335
Moderate: php:8.1 security update: RHSA-2025:4263
Important: Submariner 0.19.4 - bug fix and enhancement update: RHSA-2025:4250
Moderate: glibc security update: RHSA-2025:4244 / RHSA-2025:4243 / RHSA-2025:4242
Important: Updated 6.1 container image now available in the Red Hat Ecosystem Catalog: RHSA-2025:4240
Important: Red Hat Ceph Storage 6.1 bug fix update: RHSA-2025:4238
Important: mod_auth_openidc:2.3 security update: RHSA-2025:4228 / RHSA-2025:4227
Important: Red Hat JBoss Enterprise Application Platform 7.1.10 on RHEL 7 security update: RHSA-2025:4226
Important: mod_auth_openidc security update: RHSA-2025:4225 / RHSA-2025:4224
Microsoft Security
 
Microsoft May 2025 Security Update Guide
CVE-2025-21416 Azure Virtual Desktop Elevation of Privilege Vulnerability
CVE-2025-30390 Azure ML Compute Elevation of Privilege Vulnerability
CVE-2025-30392 Azure AI bot Elevation of Privilege Vulnerability
CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability
CVE-2025-30389 Azure Bot Framework SDK Elevation of Privilege Vulnerability
CVE-2025-30391 Microsoft Dynamics Information Disclosure Vulnerability
Github Security Advisories
 
[GHSA-vc6m-hm49-g9qg] phi4mm: Quadratic Time Complexity in Input Token Processing leads to denial of service
[GHSA-jrr2-x33p-6hvc] Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements
[GHSA-wfm2-rq5g-f8v5] @account-kit/smart-contracts Allowlist Module Bypass Vulnerability
[GHSA-hj4w-hm2g-p6w5] vLLM Vulnerable to Remote Code Execution via Mooncake Integration
[GHSA-9f8f-2vmf-885j] Data exposure via ZeroMQ on multi-node vLLM deployment
[GHSA-59x8-cvxh-3mm4] YesWiki Stored XSS Vulnerability in Comments
[GHSA-88xg-v53p-fpvf] YesWiki Remote Code Execution via Arbitrary PHP File Write and Execution
[GHSA-wc9g-6j9w-hr95] YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download
[GHSA-2f8p-qqx2-gwr2] YesWiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
[GHSA-cg4f-cq8h-3ch8] Yeswiki Vulnerable to Authenticated Reflected Cross-site Scripting
[GHSA-ggqx-43h2-55jp] Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
[GHSA-r9gv-qffm-xw6f] Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
[GHSA-mvgm-3rw2-7j4r] org.xwiki.platform:xwiki-platform-security-requiredrights-default requiredrights analysis doesn't consider TextAreas with default content type
[GHSA-x7wv-5qg4-vmr6] org.xwiki.platform:xwiki-platform-component-wiki provides no warning when granting XWiki.ComponentClass programming right
[GHSA-rp38-24m3-rx87] The lesscss script service allows cache clearing without programming right
[GHSA-987p-r3jc-8c8v] Solr script service doesn't take dropped programming right into account
[GHSA-pjhg-9wr9-rj96] org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability
[GHSA-c8hm-hr8h-5xjw] n8n Vulnerable to Stored XSS through Attachments View Endpoint
[GHSA-wmjq-jrm2-9wfr] NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration file
[GHSA-6jgm-j7h2-2fqg] Go Snowflake Driver has race condition when checking access to Easy Logging configuration file
[GHSA-c82r-c9f7-f5mj] Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file
[GHSA-j3g3-5qv5-52mj] net-imap rubygem vulnerable to possible DoS by memory exhaustion
CISA Known Exploited Vulnerabilities
 
Broadcom Brocade Fabric OS Code Injection Vulnerability CVE-2025-1976
Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability CVE-2025-42599
Commvault Web Server Unspecified Vulnerability CVE-2025-3928
SAP NetWeaver Unrestricted File Upload Vulnerability CVE-2025-31324
Apache HTTP Server Improper Escaping of Output Vulnerability CVE-2024-38475
SonicWall SMA100 Appliances OS Command Injection Vulnerability CVE-2023-44221
Commvault Command Center Path Traversal Vulnerability CVE-2025-34028
Yiiframework Yii Improper Protection of Alternate Path Vulnerability CVE-2024-58136

The Known Exploited Vulnerabilities catalog lists vulnerabilities for which CISA has evidence of active exploitation. Entries need not be new or recently discovered; this week's additions include 2023 and 2024 CVEs. The vulnerabilities listed here are those added to the catalog in the past week.
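The selection above (catalog entries added in a given week) can be reproduced from CISA's JSON feed. The following is an added example, not code from this newsletter or from CISA: the feed URL and the JSON field names (cveID, vendorProject, product, vulnerabilityName, dateAdded, dueDate, knownRansomwareCampaignUse) are CISA's real ones, but the embedded SAMPLE_FEED is constructed, its dates are illustrative rather than taken from the live catalog, and the helper names (parse_kev, added_between, overdue, weekly_digest) are this example's own.

```python
"""Filter the CISA Known Exploited Vulnerabilities (KEV) JSON feed by the
week an entry was added, and flag entries past their remediation due date.

Added example, not code from Advisory Week or from CISA. KEV_FEED_URL and
the JSON field names are CISA's real ones; SAMPLE_FEED is constructed and
its dates are illustrative; the helper names are this example's own.
"""
import json
from dataclasses import dataclass
from datetime import date

# Real location of the feed; fetch it with urllib/requests when online.
KEV_FEED_URL = ("https://www.cisa.gov/sites/default/files/feeds/"
                "known_exploited_vulnerabilities.json")


@dataclass(frozen=True)
class KevEntry:
    cve_id: str
    vendor: str
    product: str
    name: str
    date_added: date
    due_date: date
    ransomware_use: str  # "Known" or "Unknown" in the feed


def parse_kev(feed_text: str) -> list[KevEntry]:
    """Turn the feed's 'vulnerabilities' array into typed entries."""
    doc = json.loads(feed_text)
    return [
        KevEntry(
            cve_id=v["cveID"],
            vendor=v["vendorProject"],
            product=v["product"],
            name=v["vulnerabilityName"],
            date_added=date.fromisoformat(v["dateAdded"]),
            due_date=date.fromisoformat(v["dueDate"]),
            ransomware_use=v.get("knownRansomwareCampaignUse", "Unknown"),
        )
        for v in doc["vulnerabilities"]
    ]


def added_between(entries, start: date, end: date) -> list[KevEntry]:
    """Entries added in the inclusive window [start, end], oldest first."""
    return sorted((e for e in entries if start <= e.date_added <= end),
                  key=lambda e: (e.date_added, e.cve_id))


def overdue(entries, today: date) -> list[KevEntry]:
    """Entries whose BOD 22-01 due date has already passed."""
    return [e for e in entries if e.due_date < today]


def weekly_digest(feed_text: str, start_iso: str, end_iso: str) -> list[str]:
    """CVE IDs added in the window: the selection this digest's KEV section makes."""
    window = added_between(parse_kev(feed_text), date.fromisoformat(start_iso),
                           date.fromisoformat(end_iso))
    return [e.cve_id for e in window]


def overdue_ids(feed_text: str, today_iso: str) -> list[str]:
    """CVE IDs whose due date is before today_iso, in feed order."""
    return [e.cve_id for e in overdue(parse_kev(feed_text), date.fromisoformat(today_iso))]


def _entry(cve, vendor, product, name, added, due):
    # One record in the feed's own shape; values here are constructed sample data.
    return {"cveID": cve, "vendorProject": vendor, "product": product,
            "vulnerabilityName": name, "dateAdded": added, "dueDate": due,
            "shortDescription": "", "requiredAction": "Apply updates per vendor instructions.",
            "knownRansomwareCampaignUse": "Unknown", "notes": ""}


# Constructed sample feed: the eight CVEs from this digest plus one old
# control entry (Log4Shell) that the weekly window must exclude.
SAMPLE_FEED = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "count": 9,
    "vulnerabilities": [
        _entry("CVE-2025-1976", "Broadcom", "Brocade Fabric OS",
               "Broadcom Brocade Fabric OS Code Injection Vulnerability", "2025-04-28", "2025-05-19"),
        _entry("CVE-2025-42599", "Qualitia", "Active! Mail",
               "Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability", "2025-04-28", "2025-05-19"),
        _entry("CVE-2025-3928", "Commvault", "Web Server",
               "Commvault Web Server Unspecified Vulnerability", "2025-04-28", "2025-05-19"),
        _entry("CVE-2025-31324", "SAP", "NetWeaver",
               "SAP NetWeaver Unrestricted File Upload Vulnerability", "2025-04-29", "2025-05-20"),
        _entry("CVE-2024-38475", "Apache", "HTTP Server",
               "Apache HTTP Server Improper Escaping of Output Vulnerability", "2025-04-29", "2025-05-20"),
        _entry("CVE-2023-44221", "SonicWall", "SMA100 Appliances",
               "SonicWall SMA100 Appliances OS Command Injection Vulnerability", "2025-04-29", "2025-05-20"),
        _entry("CVE-2025-34028", "Commvault", "Command Center",
               "Commvault Command Center Path Traversal Vulnerability", "2025-05-02", "2025-05-23"),
        _entry("CVE-2024-58136", "Yiiframework", "Yii",
               "Yiiframework Yii Improper Protection of Alternate Path Vulnerability", "2025-05-02", "2025-05-23"),
        _entry("CVE-2021-44228", "Apache", "Log4j2",
               "Apache Log4j2 Remote Code Execution Vulnerability", "2021-12-10", "2021-12-24"),
    ],
})

if __name__ == "__main__":
    for cve in weekly_digest(SAMPLE_FEED, "2025-04-28", "2025-05-04"):
        print(cve)
```

Pointing `parse_kev` at the text fetched from `KEV_FEED_URL` instead of `SAMPLE_FEED` gives the live list; `overdue` is the companion check worth running against your own inventory, since the catalog's `dueDate` is the BOD 22-01 deadline, not a severity rating.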
