A critical remote code execution (RCE) vulnerability, identified as CVE-2025-67489, has been discovered in the @vitejs/plugin-rsc open-source component. This flaw stems from the use of unsafe dynamic imports within RSC server function APIs, specifically impacting development server environments. Exploitation of this vulnerability could allow an attacker to execute arbitrary code remotely on the affected development server.
ZITADEL Unauthenticated Full-Read SSRF Vulnerability via V2 Login (CVE-2025-67494)
CVE-2025-67494 identifies a critical unauthenticated Server-Side Request Forgery (SSRF) vulnerability affecting ZITADEL, an open-source identity and access management solution. Exploitation occurs via the V2 Login interface, allowing an unauthenticated attacker to coerce the ZITADEL server into making arbitrary requests to internal or external resources and disclosing the full response content. This enables potential access to sensitive internal network resources, bypass of security controls, and unauthorized information disclosure, posing a severe risk to confidentiality and potentially to system integrity within affected environments.
CVE-2025-66568: Ruby-saml Vulnerable to Libxml2 Canonicalization Signature Bypass
CVE-2025-66568 identifies a critical vulnerability in the ruby-saml library in which a Libxml2 canonicalization error allows SAML Digest and Signature validation to be bypassed. This flaw enables attackers to manipulate SAML assertions without detection, potentially leading to unauthorized access, privilege escalation, or other security compromises in applications relying on ruby-saml for authentication and authorization. Given its critical severity, immediate attention and remediation are required for affected systems to maintain the integrity and security of SAML-based authentication flows.
SAML Authentication Bypass Vulnerability Identified in ruby-saml (CVE-2025-66567)
CVE-2025-66567 describes a critical authentication bypass vulnerability affecting the ruby-saml library. This flaw originates from improper namespace handling, leading to a parser differential issue that allows an attacker to bypass SAML authentication mechanisms. Successful exploitation could grant unauthorized access to systems or applications that rely on ruby-saml for SAML-based single sign-on (SSO), posing a significant security risk to integrated environments and data integrity.
Predictable UUID Generation Vulnerability in Gofiber Utils v2 (CVE-2025-66565)
A critical vulnerability, CVE-2025-66565, has been identified in github.com/gofiber/utils/v2. The library’s UUIDv4 and generic UUID generation functions contain a silent fallback mechanism that can result in the production of predictable UUID values instead of cryptographically strong random ones. This predictability compromises the security guarantees typically associated with UUIDs, potentially enabling attackers to guess or predict identifiers. This could lead to various security bypasses, including session hijacking, token forging, or collision attacks, depending on how UUIDs are utilized within an application. Applications relying on the gofiber/utils/v2 library for security-sensitive unique identifiers are at significant risk.
CVE-2025-64113: Emby Server API Vulnerability Grants Administrative Access
A critical API vulnerability (CVE-2025-64113) has been identified in MediaBrowser.Server.Core, affecting Emby Server. This flaw allows an unauthenticated attacker to gain full administrative access to the Emby Server instance without any prior conditions or authentication. The vulnerability poses a significant risk, potentially leading to complete compromise of the media server and its hosted content, including user data and system configurations.