CVE-2025-29924 - XWiki SubWiki Privacy Flaw Exposes Private Pages via REST API
Summary:
A new vulnerability, CVE-2025-29924, has been found in XWiki Platform, a popular open-source wiki system. Before versions 15.10.14, 16.4.6, and
CVE-2025-30197 - Unmasked API Key Exposure in Jenkins Zoho QEngine Plugin – Exploit Details & Remediation
A new vulnerability, CVE-2025-30197, has been discovered in the Jenkins Zoho QEngine Plugin, affecting versions up to and including 1..29.vfa_cc23396502. This flaw
CVE-2025-30154 - Major Reviewdog GitHub Action Supply Chain Compromise – Full Timeline, Exploit Analysis, and Mitigation
---
On March 11, 2025, a critical security incident struck the open source developer world: the popular reviewdog/action-setup GitHub Action was compromised, putting secrets
CVE-2025-29783 - Critical Remote Code Execution Vulnerability in vLLM with Mooncake (Exploit & Deep Dive)
A critical remote code execution (RCE) vulnerability (CVE-2025-29783) has been found in vLLM when configured with Mooncake for distributed serving. The flaw allows attackers to
CVE-2025-29770 - Denial of Service in vLLM Outlines Grammar Cache — How a Cache Bug Could Crash Your Inference Server
CVE-2025-29770 is a security vulnerability discovered in vLLM, a high-throughput, memory-efficient engine for running large language models (LLMs). The issue impacts any vLLM deployment that
Episode
00:00:00
00:00:00