Carl Pearson

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 152 Firefox ESR versions prior to 140.12 Thunderbird versions prior to 152 Thunderbird versions prior to 140.12 **Description** A memory safety bug exists in the software, which could lead to unexpected behavior or crashes when handling memory operations. **Recommendations** Update Firefox to version 152. Update Firefox ESR to version 140.12. Update Thunderbird to version 152. Update Thunderbird to version 140.12.

**Name of the Vulnerable Software and Affected Versions** Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App versions prior to 3.6.1 **Description** The Post SMTP plugin for WordPress has a flaw due to a missing capability check within the ` construct` function. This allows unauthenticated attackers to access logged emails, potentially including password reset emails with links that could lead to account takeover. Approximately 400,000 WordPress sites utilizing this plugin are potentially affected. Exploitation attempts have been observed in the wild, with over 4500 attempts blocked by Wordfence since November 1, 2025. The vulnerability allows attackers to read arbitrary logged emails sent through the Post SMTP plugin. The ` construct` function directly displays registered email content without performing capability checks, enabling unauthorized access. **Recommendations** Versions prior to 3.6.1 should be updated to version 3.6.1 or later.

**Name of the Vulnerable Software and Affected Versions** Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin versions prior to 2.3.6 **Description** The Everest Backup plugin for WordPress allows unauthorized access to data due to a missing capability check on the `everest process status` AJAX action. This allows unauthenticated attackers to retrieve back-up file locations, which can then be accessed and downloaded. This requires a back-up to be running in order for an attacker to retrieve the back-up location. **Recommendations** Update to version 2.3.6 or later.

**Name of the Vulnerable Software and Affected Versions** Microsoft Outlook (affected versions not specified) **Description** The issue is related to insufficient protection of internal data in Microsoft Outlook, allowing a remote attacker to gain unauthorized access to protected information. This can lead to the disclosure of sensitive information. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** cloud-init versions prior to 21.2 cloud-init versions prior to 21.1.19 **Description** When instructing cloud-init to set a random password for a new user account, the password would be written to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user. **Recommendations** For versions prior to 21.2, update to version 21.2 or later to resolve the issue. For versions prior to 21.1.19, update to version 21.1.19 or later to resolve the issue. As a temporary workaround, consider restricting access to the /var/log/cloud-init-output.log file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Desktop Client versions prior to 3.3.1 **Description** The issue is related to the lack of SSL certificate verification when using the "Register with a Provider" flow in the Nextcloud Desktop Client, allowing a remote attacker to impact data integrity. **Recommendations** For versions prior to 3.3.1, update to version 3.3.1 or later to resolve the issue. As a temporary workaround, consider disabling the "Register with a Provider" flow until a patch is available. Restrict access to the affected flow to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 14.0.0 **Description** A missing check in the software could give unauthorized access to the previews of single file password protected shares. **Recommendations** For versions prior to 14.0.0, update to version 14.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 11.0.7 Nextcloud Server versions prior to 12.0.5 **Description** The issue is related to an Authorization Bypass Through User-Controlled Key. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. However, the app passwords themselves were neither disclosed nor could the error be misused to identify as another user. **Recommendations** For Nextcloud Server versions prior to 11.0.7, update to version 11.0.7 or later. For Nextcloud Server versions prior to 12.0.5, update to version 12.0.5 or later.