Valkey Affected by RESP Protocol Injection via Lua error_reply

HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow

Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability

urllib3 Streaming API improperly handles highly compressed data

urllib3 allows an unbounded number of links in the decompression chain

Git for Windows leaks NTLM hash when cloning from an attacker-controlled server

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

LIBPNG has an out-of-bounds read in png_image_read_composite

Werkzeug safe_join() allows Windows special device names

Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

node-forge ASN.1 Unbounded Recursion

node-forge ASN.1 OID Integer Truncation

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.

Chromium: CVE-2025-6558 Incorrect validation of untrusted input in ANGLE and GPU

Chromium: CVE-2025-6557 Insufficient data validation in DevTools

Chromium: CVE-2025-6556 Insufficient policy enforcement in Loader

Chromium: CVE-2025-6555 Use after free in Animation

Chromium: CVE-2025-6554 Type Confusion in V8

HDF5 H5Fint.c H5F_addr_decode_len heap-based overflow