CVE-2025-53481 – WikiMedia Mediawiki IPInfo Extension Uncontrolled Resource Consumption DoS

July 4, 2025

CVE ID : CVE-2025-53481

Published : July 4, 2025, 4:15 p.m. | 2 hours, 57 minutes ago

Description : Uncontrolled Resource Consumption vulnerability in Wikimedia Foundation Mediawiki – IPInfo Extension allows Excessive Allocation.This issue affects Mediawiki – IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53482 – Wikimedia Foundation Mediawiki – IPInfo Extension Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-49600 – MbedTLS LMS Signature Forgery Vulnerability

Highlights

CVE-2025-47274 – ToolHive Inadvertent Secrets Storage Vulnerability

May 12, 2025

CVE ID : CVE-2025-47274

Published : May 12, 2025, 3:16 p.m. | 1 hour, 18 minutes ago

Description : ToolHive is a utility designed to simplify the deployment and management of Model Context Protocol (MCP) servers. Due to the ordering of code used to start an MCP server container, versions of ToolHive prior to 0.0.33 inadvertently store secrets in the run config files which are used to restart stopped containers. This means that an attacker who has access to the home folder of the user who starts the MCP server can read secrets without needing access to the secrets store itself. This only applies to secrets which were used in containers whose run configs exist at a point in time – other secrets remaining inaccessible. ToolHive 0.0.33 fixes the issue. Some workarounds are available. Stop and delete any running MCP servers, or manually remove any runconfigs from `$HOME/Library/Application Support/toolhive/runconfigs/` (macOS) or `$HOME/.state/toolhive/runconfigs/` (Linux).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-53481 – WikiMedia Mediawiki IPInfo Extension Uncontrolled Resource Consumption DoS

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

The Era of the AI Browser Is Here

FACTS Grounding: A new benchmark for evaluating the factuality of large language models

Critical Viasat Firmware Vulnerability Let Attackers Execute Remote Code

CVE-2025-4078 – Wangshen SecGate 3600 2400 File Path Traversal Vulnerability

CVE-2025-47274 – ToolHive Inadvertent Secrets Storage Vulnerability

CVE-2025-4602 – eMagicOne Store Manager for WooCommerce WordPress Arbitrary File Read Vulnerability

CVE-2025-2172 – Aviatrix Controller Command Injection

10 Common Web Development Mistakes to Avoid Right Now

CVE-2025-53481 – WikiMedia Mediawiki IPInfo Extension Uncontrolled Resource Consumption DoS

Related Posts