As part of our ongoing research and consulting efforts, we frequently discover vulnerabilities in third-party products. Committed to enhancing the security of the digital ecosystem, we publish detailed security advisories according our vulnerability disclosure policy. You can find the full security advisories with complete details in our Github repository.
Below is an overview of our latest security advisories:
-
LibreChat Server-Side Request Forgery (CVE-2025-69222)
-
LibreChat Insufficient Access Control on Agent Files (CVE-2025-69220)
-
LibreChat Insufficient Access Control on Agent Permission Queries (CVE-2025-69221)
-
Checkmk Cross Site Scripting (CVE-2025-39663)
-
Checkmk Agent Privilege Escalation via Insecure Temporary Files (CVE-2025-32919)
-
Checkmk Path Traversal (CVE-2025-39664)
-
Filebrowser Insecure Password Handling (CVE-2025-52997)
-
Filebrowser Password Protection of Links Bypassable (CVE-2025-52996)