CVE-2025-20298 - How Weak Directory Permissions in Splunk Universal Forwarder for Windows Expose Your Data
CVE-2025-20298 is a security vulnerability discovered in Splunk Universal Forwarder for Windows. Versions *below* 9.4.2, 9.3.4, 9.2.6, and 9.
CVE-2025-3454 - Bypassing Grafana Datasource Proxy API Authentication with a Simple Slash
Grafana is an open-source analytics and monitoring platform, used widely for visualizing data through dashboards. In early 2025, a critical security flaw was discovered in
CVE-2025-49113 - Remote Code Execution in Roundcube Webmail via Authenticated PHP Object Deserialization
CVE-2025-49113 is a critical vulnerability affecting Roundcube Webmail (before version 1.5.10 and 1.6.x before 1.6.11). If you’re running
CVE-2024-7097 - Insecure User Account Creation in WSO2 Products Explained
In June 2024, a major security flaw was uncovered in various WSO2 products—technology used for identity access management and APIs worldwide. This vulnerability, tracked
CVE-2025-4598 - How A Race Condition in systemd-coredump Leaks SUID Process Secrets
A new vulnerability, tracked as CVE-2025-4598, has been discovered in systemd-coredump, the component responsible for collecting and processing core dumps on many modern Linux systems.
Episode
00:00:00
00:00:00