
Cloud Vulnerability DB
A community-led vulnerabilities database
WebKitGTK, the port of the WebKit rendering engine to the GTK platform, was found to contain two security vulnerabilities as reported in Red Hat Enterprise Linux 8. The vulnerabilities were disclosed on May 20, 2025, affecting webkit2gtk3 package versions before 2.48.2-1.el8_10. The affected systems include Red Hat Enterprise Linux for x86_64, IBM z Systems, Power (little endian), and ARM 64 architectures (Red Hat Advisory).
Two distinct vulnerabilities were identified: CVE-2025-31205, which allows malicious websites to exfiltrate data cross-origin, and CVE-2025-31257, which can lead to unexpected Safari crashes when processing maliciously crafted web content. The security impact was rated as Important by Red Hat Product Security, with specific CVSS scores available for each vulnerability (Red Hat Advisory).
The vulnerabilities could potentially allow malicious websites to exfiltrate data across origins and cause unexpected application crashes in Safari. This poses significant security risks for users of affected WebKitGTK installations (Red Hat Advisory).
Red Hat has released security updates to address these vulnerabilities. Users are advised to update to webkit2gtk3 version 2.48.2-1.el8_10. The update is available for all affected architectures including x86_64, s390x, ppc64le, and aarch64 (Red Hat Advisory).
Source: This report was generated using AI