VYPR

Vullist

by Vityuasd

Source repositories

CVEs (4)

  • CVE-2025-60536HigOct 14, 2025
    risk 0.49cvss 7.5epss 0.01

    An issue in the Configure New Cluster interface of kafka-ui v0.6.0 to v0.7.2 allows attackers to cause a Denial of Service (DoS) via uploading a crafted configuration file.

  • CVE-2025-60535HigOct 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A Cross-Site Request Forgery (CSRF) in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request.

  • CVE-2025-60540MedOct 14, 2025
    risk 0.42cvss 6.5epss 0.00

    karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF).

  • CVE-2025-60537MedOct 14, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java of kafka-ui v0.6.0 to v0.7.2 allows attackers to execute arbitrary code via supplying crafted data.