| Published | Public | Updated | ID | CVSS | Title |
|---|---|---|---|---|---|
| 2025-06-10 | 2025-06-10 | 2025-10-20 | VU#211341 | A vulnerability in Insyde H2O UEFI application allows for digital certificate injection via NVRAM variable | |
| 2025-09-29 | 2025-09-29 | 2025-10-23 | VU#534320 | NPM supply chain compromise exposes challenges to securing the ecosystem from credential theft and self-propagation | |
| 2025-10-28 | 2025-10-28 | 2025-10-28 | VU#517845 | Authenticated SMTP users may spoof other identities due to ambiguous “From” header interpretation |