SQL Injection (CVE-2025-10095) has been found in SMSEagle firmware.

Path Traversal vulnerability (CVE-2025-5993) has been found in ITCube CRM software.

SQL Injection vulnerability (CVE-2025-7385) has been found in Concept Intermedia GOV CMS software.

CERT Polska has received a report about 2 vulnerabilities (CVE-2025-4643 and CVE-2025-4644).

CERT Polska has received a report about 6 vulnerabilities (from CVE-2025-54540 to CVE-2025-55175) found in OpenSolution QuickCMS software.

CERT Polska has received a report about 17 vulnerabilities (between CVE-2025-2313 and CVE-2025-30064) found in CGM CLININET software.

CERT Polska has received a report about 3 vulnerabilities (CVE-2025-54172, CVE-2025-54174 and CVE-2025-54175) found in OpenSolution Quick.CMS and Quick.CMS.Ext software.

Cross-site Scripting (XSS) vulnerability (CVE-2025-7761) has been found in Akcess-Net Lepszy BIP software.

TCC Bypass vulnerabilities has been found in GIMP (CVE-2025-8672), Mosh-Pro (CVE-2025-53811), Cursor (CVE-2025-9190), MacVim (CVE-2025-8597), Nozbe (CVE-2025-53813) and Invoice Ninja (CVE-2025-8700) applications for MacOS.

Incorrect Authorization vulnerability (CVE-2025-8533) has been found in Flexibits Fantastical software.