CVE-2025-0604 - How a Keycloak Password Reset Bug Lets Expired or Disabled AD Users Slip Through
---
Overview
A newly identified vulnerability, CVE-2025-0604, impacts Keycloak—an open-source identity and access management tool used by many organizations to handle authentication and user
CVE-2025-0395 - Buffer Overflow in GNU C Library assert() Puts Linux Systems at Risk
June 2024 brought a surprising discovery in one of the most-used libraries on Linux: GNU C Library’s (glibc) assert() function is vulnerable to a
CVE-2024-11218 - Exploiting a Race Condition in Podman and Buildah for Container Breakout
A new vulnerability, CVE-2024-11218, has been discovered in two popular container tools: Podman and Buildah. If you’re using the podman build or buildah build
CVE-2025-23090 - How Exploiting `diagnostics_channel` in Node.js Exposes Permission Model Weakness
Published: June 2024
Impacts: Node.js v20, v22, v23 with Permission Model (--permission) enabled
Severity: High
CVE: CVE-2025-23090
What’s the Big Deal?
A newly
CVE-2025-23083 - Escalating Node.js Access with diagnostics_channel and Internal Workers Exploit
In early 2025, a critical vulnerability was reported in Node.js that impacts how applications isolate resources and permissions, especially when the experimental Permission Model