CVE-2025-1801 - Race Condition in Ansible AAP Gateway Exposes JWTs to Lower Privileged Users
#### June 2024 has seen the cybersecurity community alerted to a serious new vulnerability, CVE-2025-1801, affecting Ansible’s automation platform gateway (aap-gateway). This flaw could allow
CVE-2025-27097 - Variable Caching Flaw in GraphQL Mesh Federation Gateway Leads to Memory Leak and Token Replay
Published: June 2024
TL;DR
A security vulnerability in GraphQL Mesh (CVE-2025-27097) affects applications using GraphQL Mesh as a federation gateway. When using transforms at
CVE-2025-27098 - Static File Path Traversal Vulnerability in GraphQL Mesh – Details, Exploit, and How to Fix
GraphQL Mesh is a powerful gateway and federation framework that gives you the flexibility to connect not just GraphQL subgraphs, but also REST APIs, gRPC
CVE-2025-0110: Command Injection Vulnerability in Palo Alto Networks PAN-OS OpenConfig plugin
The Palo Alto Networks PAN-OS OpenConfig plugin is found to have a command injection vulnerability (CVE-2025-0110) that allows authenticated administrators to bypass system restrictions and
CVE-2025-1243 - Data Converter Not Applied to Update Responses in Temporal api-go Proxy (<v1.44.1)
Temporal is a popular open-source workflow orchestration platform often used by companies to build distributed applications. The api-go library is one of the main ways
Episode
00:00:00
00:00:00