CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published December 11, 2025
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published December 11, 2025
Information published.
CVE-2025-54100 PowerShell Remote Code Execution Vulnerability
Published December 11, 2025
Improper neutralization of special elements used in a command (‘command injection’) in Windows PowerShell allows an unauthorized attacker to execute code locally.
CVE-2025-64678 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Published December 11, 2025
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-62560 Microsoft Excel Remote Code Execution Vulnerability
Published December 11, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-55753 Apache HTTP Server: mod_md (ACME), unintended retry intervals
Published December 11, 2025
Information published.
CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=…
Published December 11, 2025
Information published.
CVE-2025-62408 c-ares has a Use After Free vulnerability when connection is cleaned up after error
Published December 11, 2025
Information published.
CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published December 11, 2025
Information published.
CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
Published December 11, 2025
Information published.
