CVE-2025-1386 - Exploiting Query Smuggling in ch-go via Malicious External Data
Introduction
In June 2025, a critical security vulnerability was uncovered in the popular Go client library, ch-go, used to communicate with ClickHouse databases. Catalogued as
CVE-2025-32743 - Exploiting a Dangerous NULL Lookup Bug in ConnMan’s DNS Proxy
CVE-2025-32743 is a fresh vulnerability affecting ConnMan, the popular connection manager used on Linux-based systems and embedded devices. This bug can be abused to crash
CVE-2025-32395 - Understanding the Vite Dev Server File Disclosure Vulnerability
Vite has quickly risen as the frontend tooling choice for modern JavaScript developers, prized for its lightning-fast server startup and hot module reload. But as
CVE-2025-2408 - GitLab’s IP Restriction Bypass Exposed Sensitive Data (Exclusive Overview & Exploit Details)
A new vulnerability—CVE-2025-2408—has been uncovered in GitLab Community and Enterprise Editions, affecting versions from 13.12 all the way up to but not
CVE-2025-3102 - SureTriggers WordPress Plugin Authentication Bypass – How Attackers Can Forge Admin Accounts
The security of your WordPress website is only as strong as the plugins you use. Recently, a critical vulnerability known as CVE-2025-3102 has been discovered
Episode
00:00:00
00:00:00