CVE-2025-25292: Authentication Bypass Vulnerability Found in Ruby-SAML Prior to Versions 1.12.4 and 1.18. Due to Parser Differential
Ruby-SAML, a library that provides Security Assertion Markup Language (SAML) Single Sign-On (SSO) for Ruby, has been found to have an authentication bypass vulnerability in
CVE-2025-25291: Authentication Bypass Vulnerability Found in ruby-saml Parsers
Ruby-saml is a popular gem that provides Security Assertion Markup Language (SAML) Single Sign-On (SSO) support for Ruby applications. A significant authentication bypass vulnerability has
CVE-2025-27407: Remote Code Execution in GraphQL-Ruby Prior to Versions 1.11.8, 1.12.25, 1.13.24, 2..32, 2.1.14, 2.2.17, and 2.3.21
GraphQL-Ruby is a widely-used Ruby implementation of the query language GraphQL. It provides a simple, expressive and efficient way to build APIs. However, if you
CVE-2025-24201 - Out-of-Bounds Write Issue Addressed in visionOS, iOS, iPadOS, macOS, and Safari to Prevent Unauthorized Actions
The CVE-2025-24201 vulnerability, an out-of-bounds write issue, has recently been addressed by Apple with the release of improved security checks in visionOS 2.3.2,
CVE-2025-24997 - Critical Null Pointer Dereference in Windows Kernel Memory Posing a Local DOS Attack Risk
It's essential for security researchers to keep up-to-date with the ever-evolving threat landscape and newly discovered vulnerabilities in order to stay ahead in