CVE-2025-2559 - Keycloak JWT Caching Bug Can Trigger OutOfMemoryError and DoS
Keycloak is a widely used open-source identity and access management (IAM) solution. It provides single sign-on with Identity Brokering and Social Login, and is deployed
CVE-2025-27553 - Path Traversal Vulnerability in Apache Commons VFS before 2.10.
Apache Commons VFS is a popular Java library that provides a single API for accessing various file systems, such as local files, FTP, SFTP,
CVE-2024-58103 - Square Wire’s Missing Recursion Limit Exposes ProtoReader Exploit
In June 2024, a significant vulnerability was discovered in Square’s Wire library (before version 5.2.). The flaw, registered as CVE-2024-58103, impacts parsing logic
CVE-2025-27496 - How a Logging Flaw in Snowflake JDBC Driver Could Leak Client-Side Encryption Keys
Snowflake’s cloud data platform is widely used for artificial intelligence workloads and large-scale data processing. But even the biggest platforms can have unexpected security
CVE-2020-36843: EdDSA-Java Signature Malleability Exploit in Versions through .3.
A security vulnerability has recently been discovered in the EdDSA-Java (aka ed25519-java) library, specifically in versions up to and including .3.. This vulnerability, documented as