JFrog Security Research
< Back
Software Vulnerabilities
Last Updated On 28 Jul, 2025
- Webfinger.js Blind SSRFCVE-2025-54590mediumDiscovered ByOri HollanderPublished on 28 Jul, 2025
- JFSA-2025-001290844OS command injection in mcp-remote when connecting to untrusted MCP serversCVE-2025-6514criticalDiscovered ByOr PelesPublished on 9 Jul, 2025
- Tensorflow Serving Stack Exhaustion DoSCVE-2025-0649highDiscovered ByOri HollanderPublished on 6 May, 2025
- PeerTube User Import Authenticated Resource ExhaustionCVE-2025-32949mediumDiscovered ByOri HollanderPublished on 14 Apr, 2025
- PeerTube HLS Video Files Path TraversalCVE-2025-32943lowDiscovered ByOri HollanderPublished on 14 Apr, 2025
- PeerTube User Import Authenticated Persistent Denial of ServiceCVE-2025-32944mediumDiscovered ByOri HollanderPublished on 14 Apr, 2025
- PeerTube Arbitrary Playlist Creation via REST APICVE-2025-32945mediumDiscovered ByOri HollanderPublished on 14 Apr, 2025
- PeerTube Arbitrary Playlist Creation via ActivityPub ProtocolCVE-2025-32946mediumDiscovered ByOri HollanderPublished on 14 Apr, 2025
- PeerTube ActivityPub Playlist Creation Blind SSRF and DoSCVE-2025-32948highDiscovered ByOri HollanderPublished on 14 Apr, 2025
- PeerTube ActivityPub Crawl Infinite Loop DoSCVE-2025-32947highDiscovered ByOri HollanderPublished on 14 Apr, 2025