CVE-2025-49113 - Remote Code Execution in Roundcube Webmail via Authenticated PHP Object Deserialization
CVE-2025-49113 is a critical vulnerability affecting Roundcube Webmail (before version 1.5.10 and 1.6.x before 1.6.11). If you’re running
CVE-2024-7097 - Insecure User Account Creation in WSO2 Products Explained
In June 2024, a major security flaw was uncovered in various WSO2 products—technology used for identity access management and APIs worldwide. This vulnerability, tracked
CVE-2025-4598 - How A Race Condition in systemd-coredump Leaks SUID Process Secrets
A new vulnerability, tracked as CVE-2025-4598, has been discovered in systemd-coredump, the component responsible for collecting and processing core dumps on many modern Linux systems.
CVE-2024-12224 - How Improper Validation in idna (Rust's punycode crate) Opens the Door to Hostname Confusion Attacks
In early 2024, security researchers uncovered a vulnerability—CVE-2024-12224—affecting the idna crate, which is a crucial part of Rust's popular rust-url library.
CVE-2025-46701 - Security Constraint Bypass in Apache Tomcat CGI Servlet (Case Sensitivity Vulnerability)
On June 12, 2024, a new security vulnerability, CVE-2025-46701, was published that affects multiple versions of the Apache Tomcat server. This vulnerability is due to
Episode
00:00:00
00:00:00