CVE CyberSecurity Database News (Page 62)

Apr 25, 2025 RCE PHP

CVE-2025-32432 - Remote Code Execution in Craft CMS – Deep Dive, Exploit, and Protection

Craft CMS is a popular and powerful content management system used by developers for custom websites and digital experiences. Its flexibility, plugin support, and intuitive

Apr 25, 2025 RCE API Exploit PHP

CVE-2025-46616 - Remote Code Execution in Quantum StorNext Web GUI API (Pre-7.2.4) — File Upload Exploit Guide

A newly identified vulnerability, CVE-2025-46616, puts users of Quantum StorNext’s Web GUI API (prior to 7.2.4) at risk of remote code execution

Apr 25, 2025

CVE-2025-46599 - K3s Kubernetes kubelet Exposes ReadOnlyPort 10255 and Leaks Cluster Secrets

In early 2025, a critical vulnerability identified as CVE-2025-46599 was discovered in K3s, the CNCF-certified lightweight Kubernetes distribution. This issue affects K3s version 1.32

Apr 25, 2025

CVE-2025-43864 - React Router SSR Cache Poisoning Vulnerability Explained

Summary: In the world of modern web apps, *React Router* is a vital tool for handling navigation in React projects. However, a newly discovered vulnerability,

Apr 24, 2025

CVE-2025-43859 - How a Chunked Parsing Bug in h11 Could Let Attackers Smuggle HTTP Requests

In early 2025, security researchers discovered a troubling issue in the widely used h11 Python library—a pure-Python implementation of HTTP/1.1. This issue,