CVE-2025-12888 - Timing Attack Found in X25519 Crypto Implementations on Xtensa-based ESP32 Chips
*Published: July 2024*
A serious vulnerability, CVE-2025-12888, has been identified in the way X25519 cryptographic key exchange is implemented on Xtensa-based chips (notably the popular
CVE-2025-11933 - How Improper Input Validation in wolfSSL’s TLS 1.3 CKS Extension Can Cause DoS
A new vulnerability, CVE-2025-11933, has been discovered in wolfSSL up to version 5.8.2. This issue affects the popular security library on multiple platforms,
CVE-2025-11934 - Downgrade Risk in wolfSSL’s TLS 1.3 CertificateVerify Signature Algorithm — Explained
When relying on encrypted connections, most of us trust that a modern library like wolfSSL keeps our data private and secure. But with CVE-2025-11934, a
CVE-2025-41115 - Exploiting SCIM Provisioning in Grafana to Impersonate and Elevate Privileges
In April, Grafana introduced SCIM provisioning via Grafana Enterprise and Grafana Cloud. The intention was to help organizations automate user management—handling onboarding, offboarding, and