CVE-2026-42208 - Critical LiteLLM SQL Injection Risk Exposes Secrets and Access
LiteLLM has become a popular open-source “AI Gateway” (GitHub: BerriAI/litellm), making it easier to run OpenAI-style LLM queries across models and providers. But from
CVE-2025-67887 - Exploiting Remote Code Execution in 1C-Bitrix Translate Module (Simple & Exclusive Analysis)
TL;DR: If you’re running 1C-Bitrix (up to version 25.100.500), be aware: Anyone with SOURCE/WRITE permissions on the Translate Module can
CVE-2025-69691 - Remote Code Execution in Netgate pfSense CE 2.8. XMLRPC API (pfsense.exec_php) — Explained
Netgate’s pfSense is a popular open-source firewall and router. In version 2.8., a new security concern—CVE-2025-69691—has been identified that lets an
CVE-2026-7962 - DirectSockets in Google Chrome – A Deep Dive into Insufficient Policy Enforcement and Exploitation
A new vulnerability, CVE-2026-7962, has been identified in Google Chrome’s DirectSockets API, exposing users to potential arbitrary read and write actions from malicious Chrome
CVE-2026-7935 - Exploiting UI Spoofing with Chrome’s Speech API (Pre-148..7778.96)
A recent vulnerability, CVE-2026-7935, was discovered in Google Chrome’s Speech API, affecting versions prior to 148..7778.96. This bug allowed remote attackers to