Publish Advisories

GHSA-4w56-v3gv-mf6c
GHSA-5mfv-8xjm-pmmh
GHSA-6p6p-x42g-j3hv
GHSA-767x-95qw-8v6j
GHSA-g5pm-7qx6-f2hg
GHSA-hv82-jj64-jf47
GHSA-m2jw-wc29-6qmv
GHSA-p5pj-p5gv-2r5w
GHSA-q9f7-mpvw-2h86
GHSA-rgwf-hw46-5w7j
GHSA-rhhc-xvm8-7w83
GHSA-rx26-cqvh-gprg
GHSA-x3hm-53cx-8hp8
GHSA-xqhc-c94v-wffx

Author: advisory-database[bot]

advisories/unreviewed/2025/12/GHSA-4w56-v3gv-mf6c/GHSA-4w56-v3gv-mf6c.json

@@ -0,0 +1,34 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4w56-v3gv-mf6c",
+  "modified": "2025-12-19T03:31:18Z",
+  "published": "2025-12-19T03:31:18Z",
+  "aliases": [
+    "CVE-2025-52692"
+  ],
+  "details": "Successful exploitation of the vulnerability could allow an attacker with local network access to send a specially crafted URL to access certain administration functions without login credentials.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52692"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-118"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T02:16:05Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-5mfv-8xjm-pmmh/GHSA-5mfv-8xjm-pmmh.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5mfv-8xjm-pmmh",
+  "modified": "2025-12-19T03:31:17Z",
+  "published": "2025-12-19T03:31:17Z",
+  "aliases": [
+    "CVE-2025-14899"
+  ],
+  "details": "A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14899"
+    },
+    {
+      "type": "WEB",
+      "url": "https://codeastro.com"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/YZS17/CVE/blob/main/CodeAstro_Real_Estate_Management_System/stateadd.php-sqli.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.337424"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.337424"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.715671"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T01:16:05Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-6p6p-x42g-j3hv/GHSA-6p6p-x42g-j3hv.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-6p6p-x42g-j3hv",
+  "modified": "2025-12-19T03:31:18Z",
+  "published": "2025-12-19T03:31:18Z",
+  "aliases": [
+    "CVE-2025-67843"
+  ],
+  "details": "A Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attackers to execute arbitrary code via inline JSX expressions in an MDX file.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67843"
+    },
+    {
+      "type": "WEB",
+      "url": "https://kibty.town/blog/mintlify"
+    },
+    {
+      "type": "WEB",
+      "url": "https://news.ycombinator.com/item?id=46317098"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/blog/working-with-security-researchers-november-2025"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/docs/changelog"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-1336"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T02:16:08Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-767x-95qw-8v6j/GHSA-767x-95qw-8v6j.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-767x-95qw-8v6j",
+  "modified": "2025-12-19T03:31:18Z",
+  "published": "2025-12-19T03:31:18Z",
+  "aliases": [
+    "CVE-2025-67846"
+  ],
+  "details": "The Deployment Infrastructure in Mintlify Platform before 2025-11-15 allows remote attackers to bypass security patches and execute downgrade attacks via predictable deployment identifiers on the Vercel preview domain. An attacker can identify the URL structure of a previous deployment that contains unpatched vulnerabilities. By browsing directly to the specific git-ref or deployment-id subdomain, the attacker can force the application to load the vulnerable version.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67846"
+    },
+    {
+      "type": "WEB",
+      "url": "https://kibty.town/blog/mintlify"
+    },
+    {
+      "type": "WEB",
+      "url": "https://news.ycombinator.com/item?id=46317098"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/blog/working-with-security-researchers-november-2025"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/docs/changelog"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-472"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T02:16:09Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-g5pm-7qx6-f2hg/GHSA-g5pm-7qx6-f2hg.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-g5pm-7qx6-f2hg",
+  "modified": "2025-12-19T03:31:18Z",
+  "published": "2025-12-19T03:31:18Z",
+  "aliases": [
+    "CVE-2025-67845"
+  ],
+  "details": "A Directory Traversal vulnerability in the Static Asset Proxy Endpoint in Mintlify Platform before 2025-11-15 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing path traversal sequences.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67845"
+    },
+    {
+      "type": "WEB",
+      "url": "https://kibty.town/blog/mintlify"
+    },
+    {
+      "type": "WEB",
+      "url": "https://news.ycombinator.com/item?id=46317098"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/blog/working-with-security-researchers-november-2025"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/docs/changelog"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-24"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T02:16:09Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-hv82-jj64-jf47/GHSA-hv82-jj64-jf47.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-hv82-jj64-jf47",
+  "modified": "2025-12-19T03:31:17Z",
+  "published": "2025-12-19T03:31:17Z",
+  "aliases": [
+    "CVE-2025-14733"
+  ],
+  "details": "An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.5 and 2025.1 up to and including 2025.1.3.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14733"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-787"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T01:16:05Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-m2jw-wc29-6qmv/GHSA-m2jw-wc29-6qmv.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-m2jw-wc29-6qmv",
+  "modified": "2025-12-19T03:31:18Z",
+  "published": "2025-12-19T03:31:18Z",
+  "aliases": [
+    "CVE-2025-67844"
+  ],
+  "details": "The GitHub Integration API in Mintlify Platform before 2025-11-15 allows remote attackers to obtain sensitive repository metadata via the repository owner and name fields. It fails to validate that the repository owner and name fields provided during configuration belong to the specific GitHub App Installation ID associated with the user's organization.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67844"
+    },
+    {
+      "type": "WEB",
+      "url": "https://kibty.town/blog/mintlify"
+    },
+    {
+      "type": "WEB",
+      "url": "https://news.ycombinator.com/item?id=46317098"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/blog/working-with-security-researchers-november-2025"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.mintlify.com/docs/changelog"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-425"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T02:16:09Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-p5pj-p5gv-2r5w/GHSA-p5pj-p5gv-2r5w.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-p5pj-p5gv-2r5w",
+  "modified": "2025-12-19T03:31:17Z",
+  "published": "2025-12-19T03:31:17Z",
+  "aliases": [
+    "CVE-2025-14900"
+  ],
+  "details": "A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14900"
+    },
+    {
+      "type": "WEB",
+      "url": "https://codeastro.com"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/YZS17/CVE/blob/main/CodeAstro_Real_Estate_Management_System/userdelete-sqli.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.337425"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.337425"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.715672"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T01:16:05Z"
+  }
+}