CVE-2025-47828 – Lumi H5P Nodejs Library HTML Injection Vulnerability

May 11, 2025

CVE ID : CVE-2025-47828

Published : May 11, 2025, 3:15 a.m. | 25 minutes ago

Description : Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4527 – Dígitro NGC Explorer Remote Code Execution Vulnerability

Next Article CVE-2025-4526 – Dígitro NGC Explorer Password Field Masking Vulnerability

Highlights

CVE-2025-3052 – Microsoft UEFI Firmware Arbitrary Write Vulnerability

June 10, 2025

CVE ID : CVE-2025-3052

Published : June 10, 2025, 8:15 p.m. | 1 hour, 33 minutes ago

Description : An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-47828 – Lumi H5P Nodejs Library HTML Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

Rilasciato Geany 2.1: Miglioramenti nell’Interfaccia Utente e Supporto Esteso per Nuovi Tipi di File

Qilin Solidifies Claim as Top Ransomware Group

CVE-2025-25045 – IBM InfoSphere Information Server Information Disclosure

CVE-2025-3052 – Microsoft UEFI Firmware Arbitrary Write Vulnerability

CVE-2025-6719 – WordPress Terms Descriptions Stored Cross-Site Scripting Vulnerability

CVE-2025-3482 – MedDream PACS Server DICOM File Parsing Remote Code Execution Vulnerability

Russian Host Proton66 Tied to SuperBlack and WeaXor Ransomware

CVE-2025-47828 – Lumi H5P Nodejs Library HTML Injection Vulnerability

Related Posts