CVE.report search for "CVE-2025-10731"
Listed below are 50 relevant search results for "CVE-2025-10731" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-49384 | In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible | ||
| CVE-2026-49377 | In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters | ||
| CVE-2026-49375 | In JetBrains TeamCity before 2026.1, 2025.11.5 reflected XSS was possible on the repository download page | ||
| CVE-2026-49372 | In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible | ||
| CVE-2026-49325 | Improper handling of physical conditions in the bike-shutdown control of the Indian Motorcycle Scout Bobber + Tech 2025 model... | ||
| CVE-2026-49324 | Uncontrolled resource consumption in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 mode... | ||
| CVE-2026-49323 | Weak authentication between the Wireless Control Module (WCM) and the Engine Control Module (ECM) of the Indian Motorcycle Sc... | ||
| CVE-2026-49322 | Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows ... | ||
| CVE-2026-49318 | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model ... | ||
| CVE-2026-49317 | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model ... | ||
| CVE-2026-49316 | Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an ... | ||
| CVE-2026-49237 | An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. Wh... | ||
| CVE-2026-48208 | An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attack... | ||
| CVE-2026-48191 | An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Fil... | ||
| CVE-2026-48190 | An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated custom... | ||
| CVE-2026-48189 | An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are re... | ||
| CVE-2026-48188 | An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthentic... | ||
| CVE-2026-48187 | An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocati... | ||
| CVE-2026-47323 | Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy ... | ||
| CVE-2026-46368 | luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed... | ||
| CVE-2026-46124 | In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in iso... | ||
| CVE-2026-46055 | In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination ... | ||
| CVE-2026-44413 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access |
| CVE-2026-43899 | DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-bet... | ||
| CVE-2026-43347 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve full Gunyah metadata r... |
| CVE-2026-43322 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in le_read_features_complet... |
| CVE-2026-43247 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic wh... |
| CVE-2026-43164 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in __udp_enqueue_schedule_sk... |
| CVE-2026-42960 | Nlnetlabs | Unbound | NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority se... |
| CVE-2026-42879 | FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted fil... | ||
| CVE-2026-42877 | FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting (XS... | ||
| CVE-2026-42467 | An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read... | ||
| CVE-2026-42339 | Newapi | New Api | New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-a... |
| CVE-2026-42043 | Axios | Axios | Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence t... |
| CVE-2026-41903 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user holding t... | ||
| CVE-2026-41882 | Jetbrains | Intellij Idea | In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files ... |
| CVE-2026-41321 | @astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers targets. Prior to 13.1.10, the fetch() call for remote ... | ||
| CVE-2026-40453 | Apache | Camel | The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CA... |
| CVE-2026-40165 | authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were ... | ||
| CVE-2026-40046 | Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT. The fix for "CVE... | ||
| CVE-2026-40035 | Ryandfir | Unfurl | Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by... |
| CVE-2026-39973 | Apktool | Apktool | Apktool is a tool for reverse engineering Android APK files. In versions 3.0.0 and 3.0.1, a path traversal vulnerability in `... |
| CVE-2026-39424 | Maxkb | Maxkb | MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Im... |
| CVE-2026-39417 | Maxkb | Maxkb | MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, w... |
| CVE-2026-39414 | Minio | Minio | MinIO is a high-performance object storage system. From RELEASE.2018-08-18T03-49-57Z to before RELEASE.2025-12-20T04-58-37Z, ... |
| CVE-2026-39337 | Churchcrm | Churchcrm | ChurchCRM is an open-source church management system. Prior to 7.1.0, critical pre-authentication remote code execution vulne... |
| CVE-2026-37534 | Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1... | ||
| CVE-2026-35465 | Freedom | Securedrop-client | SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureD... |
| CVE-2026-35177 | Vim | Vim | Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows ov... |
| CVE-2026-34660 | Adobe | Connect Desktop Application | Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could ... |