CVE Vulnerability Database

Search and browse 75 known security vulnerabilities. Filter by severity, vendor, product, and year.

75 vulnerabilities found
Recent Highest Score Oldest
Severity: Low × Year: 2025 × Clear all
CVE-2025-65185
2.8 low

There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses.

Entrinsik Informer Dec 17, 2025
CVE-2025-62690
3.1 low

Mattermost versions 10.11.x <= 10.11.4 fail to validate redirect URLs on the /error page, which allows an attacker to redirect a victim to a malicious site via a crafted link opened in a new tab.

Mattermost Mattermost Server Dec 17, 2025
CVE-2025-13352
3.0 low

Mattermost versions 10.11.x <= 10.11.6 and Mattermost GitHub plugin versions <=2.4.0 fail to validate plugin bot identity in reaction forwarding which allows attackers to hijack the GitHub reaction feature to make users add reactions to arbitrary GitHub objects via crafted notification posts.

Mattermost Mattermost Server Dec 17, 2025