CVE-2025-27820 - How a Tiny Bug in Apache HttpClient 5.4.x Broke Cookie Security and Hostname Checks
In early 2025, the Apache HttpClient team uncovered a subtle but critical bug in their popular HTTP communication library, culminating in the vulnerability tracked as
CVE-2024-41446 - Stored XSS Vulnerability in Alkacon OpenCMS v17. — How Attackers Can Steal Your Session
A critical security bug, CVE-2024-41446, has been discovered in Alkacon OpenCMS v17.—a popular open-source content management system. This vulnerability allows hackers to run any
CVE-2025-30706 - Remote Code Execution in Oracle MySQL Connector/J (9..-9.2.) — Deep Dive and Exploit Example
Published: June 2024
Affected Products: Oracle MySQL (Connector/J versions 9.. to 9.2.)
CVSS Base Score: 7.5 (High)
Vector: CVSS:3.1/AV:
CVE-2025-30698 - Oracle Java SE 2D Component Flaw Explained with Code Example and Exploit Details
*Last updated: June 2024*
Introduction
A new vulnerability tracked as CVE-2025-30698 was discovered in *Oracle Java SE*, *Oracle GraalVM for JDK*, and *Oracle GraalVM Enterprise
CVE-2025-30691 - Oracle Java SE Compiler Vulnerability Deep Dive
A new security vulnerability has been disclosed: CVE-2025-30691, affecting Oracle Java SE’s Compiler component. This flaw, marked with a CVSS 3.1 base score