CVE-2025-3028 - Exploiting a Use-After-Free in Firefox’s XSLTProcessor – How Dangerous JavaScript Code Can Run
In early 2025, a serious vulnerability was discovered and patched in Mozilla Firefox and Thunderbird – specifically affecting how JavaScript can run when transforming documents with
CVE-2025-30798 - Reflected Cross-site Scripting in rickonline_nl Better WishList API up to 1.1.4 – Exploit and Analysis
---
Introduction
A new vulnerability—CVE-2025-30798—has been found in the Better WishList API developed by rickonline_nl. The issue is an Improper Neutralization of
CVE-2025-21384 - How an SSRF Flaw in Microsoft Azure Health Bot Lets Attackers Elevate Privileges
---
*Date: June 2024*
*Author: SecureDev*
What is CVE-2025-21384?
CVE-2025-21384 is a serious security bug found in Microsoft Azure Health Bot, a service used for
CVE-2025-26683 - How Improper Authorization in Azure Playwright Allows Privilege Escalation
---
Introduction
In early 2025, a serious vulnerability—CVE-2025-26683—was discovered in Azure Playwright, Microsoft's cloud environment for end-to-end testing. This flaw allows
CVE-2025-30369 - Zulip Custom Profile Field Deletion Vulnerability (Explained with Code and Exploit Details)
CVE-2025-30369 is a newly reported vulnerability that affects Zulip, a popular open-source team chat platform. If you’re an IT admin or developer using Zulip
Episode
00:00:00
00:00:00