CVE-2025-55753 - Integer Overflow in Apache HTTP Server’s ACME Renewal Timer Can Lead to Certificate Flood
In early 2025, a new vulnerability was disclosed in the Apache HTTP Server, one of the world’s most popular web servers. This vulnerability, tracked
CVE-2025-66516 - Critical XXE Vulnerability in Apache Tika Core, PDF Module, and Parsers
A major security flaw has been found in Apache Tika affecting its tika-core (1.13-3.2.1), tika-pdf-module (2..-3.2.1), and tika-parsers (1.
CVE-2025-55182 - Pre-auth RCE in React Server Components – How Deserialization Opened the Door
React Server Components bring a lot of power to web development, but sometimes power comes with risk. In early 2025, a major vulnerability—CVE-2025-55182—was
CVE-2025-66035 - XSRF Token Leak in Angular via Protocol-Relative URLs
A new critical vulnerability—CVE-2025-66035—has been found in Angular’s popular HttpClient, affecting versions prior to 19.2.16, 20.3.14, and 21.
CVE-2025-58360 - How an XXE Flaw in GeoServer Exposed Sensitive Data Via GetMap Requests
GeoServer, the popular open-source geospatial server, is often used by organizations to share and visualize spatial data. In early 2025, security researchers discovered a new
Episode
00:00:00
00:00:00