CVE-2025-22610 - Unauthorized Access to OAuth Secrets in Coolify (Explained and Exploited)
Coolify is an open-source and self-hostable platform that helps developers manage servers, applications, and databases—kind of like your all-in-one digital Swiss Army knife. But
CVE-2024-45077 - How IBM Maximo Asset Management 7.6.1.3's MXAPIASSET API Can Be Exploited via Simple File Upload Trick
In mid-2024, a serious vulnerability (CVE-2024-45077) was discovered in IBM Maximo Asset Management version 7.6.1.3, specifically within its MXAPIASSET REST API. This
CVE-2024-11931 - Exfiltrating GitLab Protected CI Variables via CI Lint (A Simple Guide With Exploit Details)
In February 2024, a critical vulnerability (CVE-2024-11931) was found affecting multiple versions of GitLab Community Edition (CE) and Enterprise Edition (EE). If you care about
CVE-2025-24353 - How a Directus Role Escalation Bug Exposed Hidden Data
Directus is a popular open source platform for managing SQL database content through a modern API and dashboard—trusted by thousands of teams worldwide. But
CVE-2025-23006 - Pre-Auth Deserialization Flaw Exposes SMA100 AMC/CMC to Remote Command Execution
June 2024 Update: A new critical vulnerability, CVE-2025-23006, has been published for SonicWall SMA100 Series’ Appliance Management Console (AMC) and Central Management Console (CMC). This
Episode
00:00:00
00:00:00