CVE-2025-43859 - How a Chunked Parsing Bug in h11 Could Let Attackers Smuggle HTTP Requests
In early 2025, security researchers discovered a troubling issue in the widely used h11 Python library—a pure-Python implementation of HTTP/1.1. This issue,
CVE-2025-31324 - SAP NetWeaver Visual Composer Metadata Uploader Unauthenticated File Upload – Deep Dive and Exploit
Summary:
A new vulnerability, CVE-2025-31324, has been identified in SAP NetWeaver Visual Composer. This flaw allows anyone—without any login or authentication—to upload files,
CVE-2025-46420 - Memory Leak in `libsoup`’s `soup_header_parse_quality_list()` – Vulnerability Explained and Exploited
---
What is CVE-2025-46420?
Recently, a memory leak vulnerability (CVE-2025-46420) was discovered in libsoup, a popular HTTP client/server library used by projects like GNOME,
CVE-2025-27820 - How a Tiny Bug in Apache HttpClient 5.4.x Broke Cookie Security and Hostname Checks
In early 2025, the Apache HttpClient team uncovered a subtle but critical bug in their popular HTTP communication library, culminating in the vulnerability tracked as
CVE-2025-3776 - Remote Code Execution in TargetSMS WordPress Plugin (All Versions up to 1.5)
WordPress plugins are meant to make your site more powerful and easier to manage. But sometimes, a bad plugin can make your site vulnerable to