IBM-X-FORCE-EXCHANGE

Title	Description	Date
MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL (CVE-2025-66401)open in new window	Visit link for details	Dec 1, 2025
fastify-reply-from bypass of reply forwarding (CVE-2025-66415)open in new window	Visit link for details	Dec 1, 2025
Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes (CVE-2025-66412)open in new window	Visit link for details	Dec 1, 2025
Gin-vue-admin has an arbitrary file deletion vulnerability (CVE-2025-66410)open in new window	Visit link for details	Dec 1, 2025
open in new window	Visit link for details
open in new window	Visit link for details
open in new window	Visit link for details

# IBM-X-FORCE-EXCHANGE