CVE-2025-12735 - Remote Code Execution in expr-eval JavaScript Library Explained
expr-eval is a popular JavaScript library that allows you to parse and evaluate mathematical expressions. Developers like it because it’s simple, fast, and lets
CVE-2025-43413 - How a Sandbox Loophole Let Apps Spy on Your Network (Patched in Apple’s 2024 OS Updates)
Apple announced CVE-2025-43413 in June 2024—an access vulnerability that made a lot of security folks raise their eyebrows. Believe it or not, a sandboxed
CVE-2025-11953 - Critical OS Command Injection in React Native Metro Development Server
A new critical vulnerability has been assigned as CVE-2025-11953 affecting applications developed with React Native that use the Metro Development Server. This vulnerability can lead
CVE-2025-64148 - Exploiting a Missing Permission Check in Jenkins Publish to Bitbucket Plugin
CVE-2025-64148 is a recently discovered security vulnerability in the Jenkins Publish to Bitbucket Plugin, affecting version .4 and earlier. This flaw arises from a missing
CVE-2025-64149 - Exploiting CSRF in Jenkins Publish to Bitbucket Plugin to Steal Credentials
A new vulnerability has been discovered in the hugely popular Jenkins automation server. This bug, CVE-2025-64149, affects the _Publish to Bitbucket Plugin_ version .4 and