CVE-2025-31651 - Exploiting Rewrite Rule Bypass in Apache Tomcat — Details, Demo, and Defense
Apache Tomcat is one of the world’s most popular Java web servers. This spring, security researchers found a serious flaw — CVE-2025-31651 — that affects how
CVE-2025-31650 - Memory Leak and Denial of Service in Apache Tomcat via Broken HTTP Priority Headers
A newly disclosed vulnerability with the identifier CVE-2025-31650 has been discovered in Apache Tomcat, one of the most widely used Java web servers in the
CVE-2025-27820 - How a Tiny Bug in Apache HttpClient 5.4.x Broke Cookie Security and Hostname Checks
In early 2025, the Apache HttpClient team uncovered a subtle but critical bug in their popular HTTP communication library, culminating in the vulnerability tracked as
CVE-2025-29953 - How Untrusted Data Deserialization in Apache ActiveMQ NMS OpenWire Client Puts You at Risk (And How to Fix It)
A major security flaw – CVE-2025-29953 – was found in Apache ActiveMQ NMS OpenWire Client that can let attackers run arbitrary code on your .NET systems. This
CVE-2025-32907 - How a Bug in libsoup’s HTTP Range Handling Can Eat Your Server’s Memory
A new security issue, tracked as CVE-2025-32907, was recently found in libsoup, a popular HTTP library used on Linux systems (especially in GNOME and web