CVE-2025-1063 - Exploiting Sensitive Data Exposure in The Classified Listing – Classified Ads & Business Directory Plugin for WordPress (Up to v4..4)
WordPress powers millions of websites, and plugins bring essential features to site owners. But what happens when a plugin has a vulnerability that leaks sensitive
CVE-2025-1646 - Critical Unrestricted File Upload Vulnerability in Lumsoft ERP 8 (ASPX File Handler Exploit Guide)
A new critical security vulnerability has been identified in Lumsoft ERP 8, impacting the /Api/TinyMce/UploadAjaxAPI.ashx endpoint. This vulnerability, tracked as CVE-2025-1646, allows
CVE-2025-27144 - Denial of Service in Go JOSE Due to Excessive Memory Usage on Malicious JWT Input
Go JOSE is a popular Go library that makes dealing with JWT, JWE, and JWS standards easy and safe. However, if you are using version
CVE-2025-27364 - RCE in MITRE Caldera Through Agent Compilation API (Full Exploit and Deep Dive)
If you run MITRE Caldera, especially versions through 4.2. and 5.. before commit 35bc06e, you should know about a critical Remote Code Execution (RCE)
CVE-2024-56897 - Unlocking the Risks in YI Car Dashcam v3.88 — Files & Commands Wide Open
YI Technology is known for its affordable car dashcams, but its model v3.88 is making headlines for all the wrong reasons. CVE-2024-56897 exposes a
Episode
00:00:00
00:00:00