Libsodium's ed25519 point-validation routine contains a subtle but important bug that can let malformed points slip past validation in niche workflows, a flaw tracked as CVE-2025-69277 and fixed in the commit ad3004e.
Background
Libsodium has long been the portable, easy-to-use cryptography...
A recently disclosed Linux kernel vulnerability in the Btrfs filesystem — tracked as CVE-2023-53247 — can trigger a kernel oops or panic by misordering page state operations in the buffered write path, allowing an attacker with local access to cause a sustained denial-of-service on impacted...
A narrowly targeted but important Linux kernel fix addressing CVE-2023-53218 changes how the rxrpc subsystem handles a queued call so a waiting process can be aborted instead of leaving subsequent calls blocked with EBUSY — a behavior that could cause sustained denial-of-service for local users...
Microsoft has published an advisory for CVE-2025-59238, a use‑after‑free vulnerability in Microsoft PowerPoint that can allow an attacker to execute arbitrary code on a local system when a user opens a crafted presentation. Microsoft’s advisory and multiple third‑party trackers place the CVSS...
Microsoft has published an advisory for CVE-2025-53717, a high‑impact elevation‑of‑privilege vulnerability in Windows Virtualization‑Based Security (VBS) Enclave that Microsoft characterizes as “reliance on untrusted inputs in a security decision.” The vendor‑published metrics list a CVSS v3.1...
Microsoft today disclosed CVE-2025-59236, a high-severity Microsoft Excel vulnerability that vendors and investigators classify as a use‑after‑free memory corruption capable of allowing remote delivery and local code execution when a specially crafted workbook is processed, and Microsoft has...