Summary Publication CVE ID Published Date Last Updated
Absolute path traversal in zip:unzip/1,2
  • Erlang OTP
CVE-2025-4748 16 June 2025 02 September 2025
Missing Session Revocation on Logout in ash_authentication_phoenix
  • Hex: ash_authentication_phoenix
CVE-2025-4754 17 June 2025 02 September 2025
Unverified File Handles can Cause Excessive Use of System Resources
  • Erlang OTP
CVE-2025-48038 11 September 2025 12 September 2025
Unverified Paths can Cause Excessive Use of System Resources
  • Erlang OTP
CVE-2025-48039 11 September 2025 12 September 2025
Malicious Key Exchange Messages may Lead to Excessive Resource Consumption
  • Erlang OTP
CVE-2025-48040 11 September 2025 12 September 2025
SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles
  • Erlang OTP
CVE-2025-48041 11 September 2025 12 September 2025
Before action hooks may execute in certain scenarios despite a request being forbidden
  • Hex: ash
CVE-2025-48042 07 September 2025 09 September 2025

CVE’s can also be requested as a JSON: GET /cves/index.json