CVE-2025-1412 - How Mattermost’s User-to-Bot Session Failure Could Lead to Privilege Escalation
In June 2024, security researchers uncovered a serious vulnerability in Mattermost—a popular open-source messaging solution for workplaces and communities (official site). Tracked as CVE-2025-1412,
CVE-2025-1538 - Critical Heap Overflow in D-Link DAP-132’s set_ws_action Function Enables Remote Exploitation
Summary:
A critical vulnerability, tagged as CVE-2025-1538, was discovered in D-Link DAP-132 firmware version 1.00. The flaw resides in the set_ws_action function
CVE-2025-27097 - Variable Caching Flaw in GraphQL Mesh Federation Gateway Leads to Memory Leak and Token Replay
Published: June 2024
TL;DR
A security vulnerability in GraphQL Mesh (CVE-2025-27097) affects applications using GraphQL Mesh as a federation gateway. When using transforms at
CVE-2025-0352 - How a Broken API in Rapid Response Monitoring Can Expose Your Security Account
In early 2025, a severe vulnerability—now formally indexed as CVE-2025-0352—was discovered in the Rapid Response Monitoring “My Security Account” mobile application. This flaw
CVE-2025-0868 - Remote Code Execution in DocsGPT via /api/remote and Unsafe JSON Parsing
Summary:
A critical vulnerability (CVE-2025-0868) has been found in the popular open-source documentation assistant DocsGPT, versions .8.1 through .12.. If you're running an