CVE-2025-11932 - How a Non-Constant Time PSK Binder Leak Can Break Your TLS 1.3 Security
CVE-2025-11932 is a newly disclosed vulnerability affecting certain TLS 1.3 server implementations. The issue? The server used a non-constant time method to verify the
CVE-2025-11931 - Integer Underflow in XChaCha20-Poly1305 Decrypt Leads to Out-of-Bounds Access
A new vulnerability, CVE-2025-11931, has been discovered in the implementation of XChaCha20-Poly1305 in several open-source cryptographic libraries. This bug specifically affects direct uses of the
CVE-2025-11001 - 7-Zip ZIP File Directory Traversal RCE Explained (with Exploit Details)
In early 2025, a new critical vulnerability was identified in the widely used 7-Zip compression software. Tracked as CVE-2025-11001 (formerly ZDI-CAN-26753), this flaw allows an
CVE-2025-58034 - Exploiting OS Command Injection in Fortinet FortiWeb (Full Guide & Code Examples)
A recently disclosed vulnerability, CVE-2025-58034, is shaking up the world of Fortinet users. This critical flaw, categorized as CWE-78: Improper Neutralization of Special Elements used
CVE-2025-10158 - Exploiting Out-of-Bounds Read in rsync with Malicious Client and Negative Array Index
Summary:
In early 2024, security researchers uncovered a bug in the popular file transfer tool, rsync, that can lead to sensitive information disclosure if exploited