CVE-2025-12073 - Critical SSRF Vulnerability in GitLab Git Repository Import (Exclusive Deep Dive)
In June 2024, GitLab quietly resolved a dangerous security issue tracked as CVE-2025-12073. This Server-Side Request Forgery (SSRF) vulnerability affected GitLab Community Edition (CE) and
CVE-2026-20962 - How Use of Uninitialized Resource in DRTM Could Leak Your Local Secrets
Summary
On April 18, 2026, security researchers disclosed a new local information disclosure vulnerability, CVE-2026-20962, affecting systems with Dynamic Root of Trust for Measurement (DRTM)
CVE-2025-41115 - Exploiting SCIM Provisioning in Grafana to Impersonate and Elevate Privileges
In April, Grafana introduced SCIM provisioning via Grafana Enterprise and Grafana Cloud. The intention was to help organizations automate user management—handling onboarding, offboarding, and
CVE-2025-13193 - Information Disclosure in libvirt Due to World-Readable Inactive Snapshots
In early 2025, security researchers uncovered a serious vulnerability—CVE-2025-13193—affecting libvirt, a popular virtualization management toolkit. This flaw, tied directly to how libvirt handles
CVE-2025-25022 - Info Leak in IBM QRadar Suite & Cloud Pak for Security – Exploit & Analysis
A new critical vulnerability, CVE-2025-25022, has shaken the cybersecurity world. This flaw affects IBM QRadar Suite Software versions 1.10.12. through 1.11.2.