Security
Headlines

Headlines Latest CVEs

Headline

GHSA-9c5q-w6gr-fxcq: MQTT does not validate hostnames

A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle (MITM) attack.

1 day ago

#git #intel #ruby

Skip to content

Navigation Menu

- AI CODE CREATION
  - GitHub CopilotWrite better code with AI
  - GitHub SparkBuild and deploy intelligent apps
  - GitHub ModelsManage and compare prompts
  - MCP RegistryNewDiscover and integrate external tools

View all features

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

Appearance settings

GitHub Advisory Database
GitHub Reviewed
CVE-2025-12790

MQTT does not validate hostnames

High severity GitHub Reviewed Published Nov 6, 2025 to the GitHub Advisory Database • Updated Nov 6, 2025

Package

Affected versions

< 0.7.0

Description

Published to the GitHub Advisory Database

Nov 6, 2025

EPSS score

ghsa: Latest News

GHSA-vfpf-xmwh-8m65: ProsemirrorToHtml has a Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values

20 hours ago

GHSA-f83h-ghpp-7wcc: Insecure Deserialization (pickle) in pdfminer.six CMap Loader — Local Privesc

20 hours ago

GHSA-wf5f-4jwr-ppcp: Arbitrary Code Execution in pdfminer.six via Crafted PDF Input

22 hours ago

GHSA-46xp-26xh-hpqh: KubeVirt Vulnerable to Arbitrary Host File Read and Write

1 day ago

GHSA-vm2f-46xc-5jc3: AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64

1 day ago