CVE-2025-31130 - Breaking Git Integrity in Rust — The gitoxide SHA-1 Collision Attack
On May 1, 2024, a new vulnerability (CVE-2025-31130) was disclosed affecting gitoxide, a popular Rust implementation of Git. This vulnerability exposes gitoxide users to potentially
CVE-2025-27520 - Critical RCE in BentoML (<1.4.3) — Unsafe Deserialization Leads to Remote Code Execution
BentoML is a popular open-source Python framework designed for serving ML/AI models at scale with minimal code. Organizations adopt it to deploy ML models
CVE-2025-29815 - Exploiting Use-After-Free in Microsoft Edge (Chromium-Based) for Remote Code Execution
In early 2025, security researchers uncovered a critical vulnerability in Microsoft Edge (Chromium-based), tracked as CVE-2025-29815. This "use-after-free" flaw can allow an attacker
CVE-2025-25000 - Type Confusion in Microsoft Edge (Chromium-Based) Lets Attackers Run Code Remotely
---
Microsoft Edge is the default web browser for Windows 10 and 11. Since it’s based on Chromium (the same core as Chrome), most
CVE-2025-31161 - CrushFTP Authentication Bypass & Admin Takeover Explained
CrushFTP is a popular secure FTP, WebDAV, S3, and HTTP(S) file server solution, used by organizations globally. But in March and April 2025, attackers
Episode
00:00:00
00:00:00