CVE-2025-23047 - Sensitive Data Exposure in Cilium Hubble UI via Insecure CORS Settings
CVE-2025-23047 is a recently disclosed security vulnerability affecting Cilium, a widely-used networking, observability, and security solution for containerized environments like Kubernetes. The issue involves insecure
CVE-2025-24397 - How an Incorrect Permission Check in Jenkins GitLab Plugin Leaks Credential IDs
On March 18, 2025, CVE-2025-24397 was published, spotlighting a serious security issue in the widely used Jenkins GitLab Plugin. This vulnerability affects versions 1.9.
CVE-2025-24400 - Security Flaw in Jenkins Eiffel Broadcaster Plugin Allows Credential Confusion and Unauthorized Event Publishing
CVE-2025-24400 is a recently disclosed security vulnerability affecting Jenkins users who rely on the Eiffel Broadcaster Plugin, specifically versions 2.8. through 2.10.2.
CVE-2025-24399 - Case Insensitivity Flaw in Jenkins OpenId Connect Authentication Plugin – How Attackers Can Hijack Admin Accounts
Jenkins is a widely-used open source automation server that helps automate the parts of software development related to building, testing, and deploying. If you’re
CVE-2025-20128 - ClamAV OLE2 Integer Underflow Denial of Service Vulnerability Explained
A new security flaw was discovered in ClamAV, the popular open-source antivirus engine widely used to fight malware in emails, web proxies, and gateways. Identified