CVE CyberSecurity Database News (Page 91)

Apr 11, 2025 Exploit SQL

CVE-2025-1386 - Exploiting Query Smuggling in ch-go via Malicious External Data

Introduction In June 2025, a critical security vulnerability was uncovered in the popular Go client library, ch-go, used to communicate with ClickHouse databases. Catalogued as

Apr 10, 2025 API

CVE-2025-24866 - Privilege Bypass in Mattermost 9.11.x Allows Unintended Access to User Activity Logs

On June 7, 2024, Mattermost—a popular open-source collaboration platform—received a critical security advisory: CVE-2025-24866. This vulnerability affects Mattermost versions 9.11.x up

Apr 10, 2025 Exploit

CVE-2025-32743 - Exploiting a Dangerous NULL Lookup Bug in ConnMan’s DNS Proxy

CVE-2025-32743 is a fresh vulnerability affecting ConnMan, the popular connection manager used on Linux-based systems and embedded devices. This bug can be abused to crash

Apr 10, 2025

CVE-2025-2469 - Unauthenticated Access to Runtime Profiling Data in GitLab CE/EE

--- Introduction In early 2025, a significant security vulnerability was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE). Tracked as CVE-2025-2469, it affects

Apr 10, 2025 Exploit

CVE-2025-32395 - Understanding the Vite Dev Server File Disclosure Vulnerability

Vite has quickly risen as the frontend tooling choice for modern JavaScript developers, prized for its lightning-fast server startup and hot module reload. But as