CVE-2025-1257 - Denial of Service in GitLab EE APIs - Full Analysis and Exploit Details
In April 2025, a vulnerability cataloged as CVE-2025-1257 was disclosed affecting GitLab Enterprise Edition (EE) across multiple versions. This flaw makes specific API endpoints in
CVE-2024-12380 - How GitLab Repo Mirroring Could Leak Your Secrets
GitLab is one of the most popular tools for collaborative software development. But sometimes, even big names get things wrong. Today, we’ll dive into
CVE-2024-7296 - GitLab EE Membership Approval Bypass Explained with Exploit Details
Recently, security researchers uncovered a significant vulnerability in GitLab Enterprise Edition (EE) tracked as CVE-2024-7296. If you’re running GitLab in your organization and depend
CVE-2025-27407 - Remote Code Execution in graphql-ruby via `from_introspection` Schema Loading
A critical vulnerability was discovered in graphql-ruby, the popular Ruby library for implementing GraphQL APIs. If your application uses certain versions of graphql-ruby, attackers could
CVE-2025-25711 - Privilege Escalation in dtp.ae tNexus Airport View v2.8 via ProfileID Injection
---
Intro
A new vulnerability, CVE-2025-25711, has been discovered in the popular airport management software, dtp.ae tNexus Airport View v2.8. The flaw lets
Episode
00:00:00
00:00:00