CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published December 11, 2025
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published December 11, 2025
Information published.
CVE-2025-54100 PowerShell Remote Code Execution Vulnerability
Published December 11, 2025
Improper neutralization of special elements used in a command (‘command injection’) in Windows PowerShell allows an unauthorized attacker to execute code locally.
CVE-2025-64678 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Published December 11, 2025
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-62560 Microsoft Excel Remote Code Execution Vulnerability
Published December 11, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published December 11, 2025
Information published.
CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
Published December 11, 2025
Information published.
CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify
Published December 11, 2025
Information published.
CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user
Published December 11, 2025
Information published.
CVE-2025-40334 drm/amdgpu: validate userq buffer virtual address and size
Published December 11, 2025
Information published.
