CVE-2025-41115 - Exploiting SCIM Provisioning in Grafana to Impersonate and Elevate Privileges
In April, Grafana introduced SCIM provisioning via Grafana Enterprise and Grafana Cloud. The intention was to help organizations automate user management—handling onboarding, offboarding, and
CVE-2025-13193 - Information Disclosure in libvirt Due to World-Readable Inactive Snapshots
In early 2025, security researchers uncovered a serious vulnerability—CVE-2025-13193—affecting libvirt, a popular virtualization management toolkit. This flaw, tied directly to how libvirt handles
CVE-2025-25022 - Info Leak in IBM QRadar Suite & Cloud Pak for Security – Exploit & Analysis
A new critical vulnerability, CVE-2025-25022, has shaken the cybersecurity world. This flaw affects IBM QRadar Suite Software versions 1.10.12. through 1.11.2.
CVE-2025-3454 - Bypassing Grafana Datasource Proxy API Authentication with a Simple Slash
Grafana is an open-source analytics and monitoring platform, used widely for visualizing data through dashboards. In early 2025, a critical security flaw was discovered in
CVE-2025-30721 - Deep Dive into DoS Vulnerability in Oracle MySQL Server’s UDF Engine
CVE-2025-30721 is a new vulnerability affecting Oracle's MySQL Server, specifically in the Server: UDF (User Defined Function) component. This flaw is stirring conversations