ui misrepresentation

Microsoft has assigned CVE‑2025‑64667 to a newly recorded Microsoft Exchange Server vulnerability classified as a spoofing / UI misrepresentation issue; the MSRC entry and CVE aggregators show the advisory was published on December 9, 2025 and currently carries a medium severity (CVSS 3.1 ~5.3)...

BusyBox’s tar utility has been assigned CVE‑2025‑46394 after researchers showed a crafted TAR archive can hide filenames from a listing by embedding terminal escape sequences in member names — a quiet but meaningful risk that can mislead users, obfuscate malicious payloads, and complicate...