In GitLab EE versions from 18.0 up to 18.0.4 and 18.1.2, a low-severity vulnerability, CVE-2025-6168, was detected. This vulnerability allows attackers to bypass group-level user invitation restrictions by sending specially crafted API requests. To fix this issue, users should upgrade GitLab EE to versions 18.0.4 or 18.1.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6168.
In GitLab CE/EE versions from 17.11 up to 17.11.6, 18.0.4, and 18.1.2, a high-severity vulnerability, CVE-2025-6948, was detected. This vulnerability allows attackers to perform actions on behalf of other users by injecting malicious content. To fix this issue, users should upgrade GitLab to versions 17.11.6, 18.0.4, or 18.1.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6948.
In GitLab EE versions from 18.0 up to 18.0.4 and 18.1.2, a medium-severity vulnerability, CVE-2025-4972, was detected. This vulnerability allows attackers with invitation privileges to bypass group-level user invitation restrictions by manipulating the group invitation functionality. To fix this issue, users should upgrade GitLab EE to versions 18.0.4 or 18.1.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-4972.
In Flask version 3.1.0, a medium-severity vulnerability, CVE-2025-47278, was detected. This vulnerability allows attackers to potentially take advantage of old session keys still being used, which weakens protection for user sessions in some setups. To fix this issue, users should upgrade Flask to version 3.1.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-47278.
In MongoDB Server versions prior to 8.0.10, a medium-severity vulnerability, CVE-2025-6712, was detected. This vulnerability allows attackers to cause the MongoDB server to crash by triggering excessive memory usage. To fix this issue, users should upgrade MongoDB to version 8.0.10. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6712.
In MongoDB Server versions prior to 8.0.5 (8.0 series), 7.0.18 (7.0 series), and 6.0.21 (6.0 series), a medium-severity vulnerability, CVE-2025-6711, was detected. This vulnerability allows attackers to access sensitive query data that may be unintentionally logged by the MongoDB server. To fix this issue, users should upgrade MongoDB to versions 8.0.5, 7.0.18, 6.0.21, or 8.1.0-rc0. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6711.
In Redis versions prior to 8.0.3, 7.4.5, 7.2.10, and 6.2.19, a medium-severity vulnerability, CVE-2025-48367, was detected. This vulnerability allows attackers to cause a denial of service by sending malformed connection requests that disrupt Redis server operation. To fix this issue, users should upgrade Redis to versions 8.0.3, 7.4.5, 7.2.10, or 6.2.19. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-48367.
In Redis versions from 2.8 up to 8.0.3, 7.4.5, 7.2.10, and 6.2.19, a high-severity vulnerability, CVE-2025-32023, was detected. This vulnerability allows attackers to run malicious code on the server by exploiting a flaw in how Redis handles certain commands, potentially taking full control of the system. To fix this issue, users should upgrade Redis to versions 8.0.3, 7.4.5, 7.2.10, or 6.2.19. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-32023.
In Helm versions prior to 3.18.4, a medium-severity vulnerability, CVE-2025-53547, was detected. This vulnerability allows attackers to trick Helm into overwriting important system files, which can make the system run harmful commands without the user knowing. To fix this vulnerability, users should update Helm to version 3.18.4. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-53547.