Security Advisories
A list of vulnerabilities (CVE / GHSA) publicly disclosed by Tencent Zhuque Lab. View as JSONopen_in_new
bug_report
Vulnerabilities
67
deployed_code
Products
21
leaderboard
Severity Breakdown
-
open_in_newHigh CVE-2025-23312 CWE‑94
NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component
deployed_code Affected: NVIDIA All versions prior to 2.4.0 calendar_today Published: August 29, 2025 -
open_in_newHigh CVE-2025-57801 CWE-347
gnark is vulnerable to signature malleability in EdDSA and ECDSA due to missing scalar checks
deployed_code Affected: gnark < 0.14.0 calendar_today Published: August 22, 2025 -
open_in_newMedium CVE-2025-38524
rxrpc: Fix recv-recv race of completed call
deployed_code Affected: Linux / rxrpc >= 4.9, < 6.6.100; >= 4.9, < 6.12.40; >= 4.9, < 6.15.8; >= 4.9, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-38525
rxrpc: Fix irq-disabled in local_bh_enable()
deployed_code Affected: Linux / rxrpc >= 6.14, < 6.15.8; >= 6.14, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-38544
rxrpc: Fix bug due to prealloc collision
deployed_code Affected: Linux / rxrpc >= 4.9, < 6.6.99; >= 4.9, < 6.12.39; >= 4.9, < 6.15.7; >= 4.9, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-38514
rxrpc: Fix oops due to non-existence of prealloc backlog struct
deployed_code Affected: Linux / rxrpc >= 4.9, < 5.4.296; >= 4.9, < 5.10.240; >= 4.9, < 5.15.189; >= 4.9, < 6.1.146; >= 4.9, < 6.6.99; >= 4.9, < 6.12.39; >= 4.9, < 6.15.7; >= 4.9, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-48887 CWE-1333
vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`
deployed_code Affected: vllm >= 0.6.4, < 0.9.0 calendar_today Published: May 28, 2025 -
open_in_newMedium GHSA-j828-28rj-hfhp CWE-1333
vLLM vulnerable to Regular Expression Denial of Service
deployed_code Affected: vllm >= 0.6.3, < 0.9.0 calendar_today Published: May 28, 2025 -
open_in_newMedium CVE-2025-46722 CWE-1023/CWE-1288
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
deployed_code Affected: vllm >= 0.7.0, < 0.9.0 calendar_today Published: May 28, 2025 -
open_in_newCritical CVE-2025-47277 CWE-502
Remote Code Execution via PyNcclPipe Communication Service
deployed_code Affected: vllm >=0.6.5,<0.8.5 calendar_today Published: May 20, 2025
Per page
