JFrog Security Research
< Back
Software Vulnerabilities
Last Updated On 4 Nov, 2025
- n8n Git Node RCECVE-2025-62726highDiscovered ByAssaf LevkovichPublished on 4 Nov, 2025
- JFSA-2025-001495652DSPy sandbox escape arbitrary file readCVE-2025-12695mediumDiscovered ByNatan NehoraiPublished on 4 Nov, 2025
- Cursor CLI Untrusted Project RCECVE-2025-61592highDiscovered ByAssaf LevkovichPublished on 4 Nov, 2025
- JFSA-2025-001495618React Native CLI Command InjectionCVE-2025-11953criticalDiscovered ByOr PelesPublished on 3 Nov, 2025
- JFSA-2025-001494691oatpp-mcp prompt hijackingCVE-2025-6515mediumDiscovered ByOri HollanderPublished on 20 Oct, 2025
- JFSA-2025-001471363txtai arbitrary file writeCVE-2025-10854highDiscovered ByOri HollanderPublished on 22 Sep, 2025
- XRAY-720930PickleScan Unsafe Globals Check Bypass via Submodule ImportsCVE-2025-10157criticalDiscovered ByDavid CohenPublished on 21 Sep, 2025
- XRAY-720936PickleScan Bypass via File Extension MismatchCVE-2025-10155criticalDiscovered ByDavid CohenPublished on 21 Sep, 2025
- XRAY-720938PickleScan Bypass via ZIP file bad CRCCVE-2025-10156criticalDiscovered ByDavid CohenPublished on 21 Sep, 2025
- Vite arbitrary restricted remote file leakCVE-2025-58751highDiscovered ByOri HollanderPublished on 15 Sep, 2025