Tag: Medium Risk

CVE‑2025‑53605: Denial-of-Service in Rust protobuf Crate

CVE‑2025‑53605 is a medium-severity vulnerability in the widely used Rust protobuf crate (versions before 3.7.2). An attacker exploiting uncontrolled recursion in parsing unknown fields can trigger excessive resource use, leading to a Denial-of-Service (DoS) attack. Vulnerability Details < CVE ID CVE‑2025‑53605 Unique ID for tracking the protobuf crate vulnerability. Affected Software Rust protobuf crate Impacts […]

CVE‑2025‑52842: Reflected XSS in Laundry Application

CVE‑2025‑52842 is a medium-severity reflected Cross-Site Scripting (XSS) vulnerability in Laundry 2.3.0, a desktop application for Linux and macOS. By injecting malicious scripts into specific inputs, an attacker can execute code to hijack user sessions or take over accounts. Vulnerability Details Exploitation Path An attacker can craft a malicious URL or input field that, when […]

CVE-2025-5733: Full Path Disclosure Vulnerability in Modern Events Calendar Lite Plugin for WordPress

CVE-2025-5733 is a recently disclosed vulnerability affecting the Modern Events Calendar Lite plugin for WordPress (versions ≤ 7.21.9). The flaw allows unauthenticated attackers to retrieve the full path of the web application, potentially aiding in further attacks. Vulnerability Details Exploitation Path The vulnerability stems from improper validation of the id property when exporting calendars. This […]