CVE-2025-32955 - Harden-Runner `disable-sudo` Policy Bypass via Docker Group on GitHub Actions
Harden-Runner is a security agent designed to protect your Continuous Integration and Deployment (CI/CD) workflows in GitHub Actions. It works much like an endpoint
CVE-2025-32793 - Cilium WireGuard Transparent Encryption Vulnerability Exploited – What You Need to Know
Cilium is widely recognized for powering secure, observable Kubernetes networking with blazing performance thanks to eBPF. But in early 2025, researchers and Cilium developers flagged
CVE-2024-12862 - How a Simple Authorization Flaw Lets Users Remove External Collaborators in OpenText Content Server
OpenText Content Server is a widely used enterprise content management system that helps organizations store, manage, and access vast amounts of documents and information. But
CVE-2024-41446 - Stored XSS Vulnerability in Alkacon OpenCMS v17. — How Attackers Can Steal Your Session
A critical security bug, CVE-2024-41446, has been discovered in Alkacon OpenCMS v17.—a popular open-source content management system. This vulnerability allows hackers to run any
CVE-2025-43970 - Input Length Validation Flaw in GoBGP (Pre-3.35.) Exposes Packet Parsing Vulnerability
In the world of network routing, GoBGP stands out as a popular, open-source BGP implementation written in Go. Unfortunately, a security flaw tagged as CVE-2025-43970