CVE CyberSecurity Database News (Page 56)

Apr 30, 2025 Exploit

CVE-2025-24132 - AirPlay and CarPlay Plug-in Local Network Exploit – Memory Handling Flaw Exposed

A new security vulnerability, CVE-2025-24132, has recently been disclosed and patched by Apple in several key SDKs—AirPlay audio, AirPlay video, and CarPlay Communication Plug-in.

Apr 30, 2025 API iOS

CVE-2025-24091 - The Apple Notification Spoofing Flaw That Could Have Fooled Us All

Apple users trust their devices to give accurate, authentic notifications—from new messages and alerts to security warnings. But what if an app could pretend

Apr 30, 2025 API

CVE-2025-46342 - How a Small Miss in Kyverno Let Hackers Slip Through Critical Policy Checks

TL;DR: A subtle bug in Kyverno (before v1.13.5 & v1.14.) let users with Kubernetes API access bypass essential security policies. That

Apr 30, 2025

CVE-2025-46560 - vLLM Multimodal Tokenizer Quadratic Complexity Vulnerability — Explanation and Exploit

On April 2025, security researchers discovered CVE-2025-46560 — a critical performance vulnerability in the vLLM serving engine for large language models (LLMs). This bug allowed attackers

Apr 30, 2025

CVE-2025-30202 - vLLM Exposed — Denial of Service and Data Leakage via ZeroMQ XPUB Socket

vLLM is a popular, high-speed inference and serving engine built for Large Language Models. It's known for its performance and efficiency in powering