CVE-2025-25014 - Prototype Pollution in Kibana Allows Remote Code Execution
In early 2025, a new high-impact vulnerability—CVE-2025-25014—was discovered in Kibana, the popular open-source data visualization tool that works with Elasticsearch. This bug, known
CVE-2025-2905 - XXE in WSO2 API Manager Gateway – Exploiting XML Path Injection for Data Theft and Denial of Service
Published: 2024-06-01
Severity: High
CVSS: 8.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/
CVE-2025-4166 - How HashiCorp Vault kv v2 Plugin Could Leak Secrets via API – Explained
Summary:
A new vulnerability, CVE-2025-4166, affects HashiCorp Vault users worldwide. Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may expose sensitive information
CVE-2025-46565 - The Vite Slash-Dot Bypass Vulnerability — How Dev Server Leaks Your Secret Files
Vite, the blazing-fast frontend tooling framework loved by modern JavaScript developers, recently faced a significant security flaw (CVE-2025-46565) that exposed sensitive files during development. Even
CVE-2022-49931 - Kernel Crash in Linux hfi1 Driver Due to Incorrect List Handling
Summary
CVE-2022-49931 is a vulnerability in the Linux kernel's hfi1 driver for InfiniBand devices. It causes a kernel crash when a link goes