CVE-2024-9771 - How a Stored XSS in WP-Recall Plugin Let Admins Attack WordPress Sites Even Without “Unfiltered HTML”
A significant security bug, tracked as CVE-2024-9771, was discovered in the popular WP-Recall WordPress plugin. This vulnerability affects all versions before 16.26.12. What
CVE-2025-46579 - DDE Injection Vulnerability in GoldenDB – How Hackers Can Sneak in Commands
GoldenDB is a well-known database product that’s widely used in financial and commercial sectors. Recently, security researchers have identified a serious vulnerability—CVE-2025-46579—that
CVE-2025-46646 - Ghostscript's Incomplete Patch Creates Overlong UTF-8 Decoding Risk
Artifex Ghostscript is a popular open-source tool for processing PDFs, PostScript files, and other document formats. In June 2024, a new vulnerability (CVE-2025-46646) was
CVE-2024-53636 - Exploiting Arbitrary File Upload in Serosoft Academia SIS EagleR-1..118
A serious security vulnerability has been discovered in the Serosoft Academia Student Information System (SIS) EagleR-1..118. Identified as CVE-2024-53636, this flaw allows an attacker
CVE-2025-3935 - ScreenConnect ViewState Injection Vulnerability Explained
ScreenConnect, a popular remote support tool, faces a new security buzz with the identification of CVE-2025-3935. This technical post unpacks what this vulnerability really means,