Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication).

Apache HTTP Server: HTTP/2 DoS by Memory Increase

Potential heap-buffer overflow vulnerability in NotepadNext

Chromium: CVE-2025-5283 Use after free in libvpx

Chromium: CVE-2025-5281 Inappropriate implementation in BFCache

Chromium: CVE-2025-5280 Out of bounds write in V8

CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

GNU Binutils objdump debug.c debug_type_samep memory corruption

GNU Binutils ld elflink.c elf_gc_sweep memory corruption

Icu: stack buffer overflow in the srbroot::addtag function

A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.

Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

Chromium: CVE-2025-5068 Use after free in Blink

Chromium: CVE-2025-5067 Inappropriate implementation in Tab Strip

Chromium: CVE-2025-5066 Inappropriate implementation in Messages

Chromium: CVE-2025-5065 Inappropriate implementation in FileSystemAccess API

Chromium: CVE-2025-5064 Inappropriate implementation in Background Fetch API