CVE-2025-45525 – Microlight.js Null Pointer Dereference Vulnerability

June 17, 2025

CVE ID : CVE-2025-45525

Published : June 17, 2025, 8:15 p.m. | 15 minutes ago

Description : A null pointer dereference vulnerability was discovered in microlight.js (version 0.0.7), a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before accessing its properties, leading to an uncaught TypeError and potential application crash.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-45526 – Microlight Denial of Service Vulnerability

Next Article CVE-2025-30680 – Trend Micro Apex Central SSRF Vulnerability

Highlights

CVE-2025-6384 – CrafterCMS Groovy Sandbox Bypass Remote Code Execution

June 19, 2025

CVE ID : CVE-2025-6384

Published : June 19, 2025, 9:15 p.m. | 1 hour, 14 minutes ago

Description : Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).

This issue affects CrafterCMS: from 4.0.0 through 4.2.2.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Representative Line: Brace Yourself

Beyond the Pilot: A Playbook for Enterprise-Scale Agentic AI

GitHub launches MCP Registry to provide central location for trusted servers

MongoDB brings Search and Vector Search to self-managed versions of database

Distribution Release: Security Onion 2.4.180

Distribution Release: Omarchy 3.0.1

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

Shopping Portal using Python Django & MySQL

Perficient Earns Adobe’s Real-time CDP Specialization

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Review: Elecrow’s All-in-one Starter Kit for Pico 2

FOSS Weekly #25.38: GNOME 49 Release, KDE Drama, sudo vs sudo-rs, Local AI on Android and More Linux Stuff

CVE-2025-45525 – Microlight.js Null Pointer Dereference Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-5859 – PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

Five Practical Strategies for Entry-Level Designers in the AI Era

My favorite power station now has a massive discount on Amazon

CVE-2025-3583 – WordPress Newsletter Stored Cross-Site Scripting Vulnerability

CVE-2025-6384 – CrafterCMS Groovy Sandbox Bypass Remote Code Execution

Exploring the Free Edition of Databricks: A Risk-Free Approach to Enterprise AI

CVE-2025-6905 – “Car Rental System SQL Injection Vulnerability”

10 Best Design Resources for 2025

CVE-2025-45525 – Microlight.js Null Pointer Dereference Vulnerability

Related Posts