CVE-2024-11957 - Breaking Down an Unpatched Digital Signature Bug in Kingsoft WPS Office (ksojscore.dll) Enabling Arbitrary DLL Loading
Kingsoft WPS Office is a widely used productivity suite that's especially popular in China and among users who want a free alternative to Microsoft
CVE-2025-0684 - Exploiting Grub2's ReiserFS Symlink Handling for Secure Boot Bypass
Discovered in early 2025, CVE-2025-0684 exposes a critical flaw in GRUB2's implementation of the ReiserFS filesystem. This vulnerability lets attackers craft malicious ReiserFS
CVE-2024-55532 - Formula Injection in Apache Ranger CSV Export—How Hackers Can Turn Your CSV Into Their Playground
In April 2024, a new vulnerability emerged for everyone who uses Apache Ranger: CVE-2024-55532. This flaw deals with something that sounds boring but can be
CVE-2025-25953 - Azure JWT Access Token Exposure in Serosoft Academia SIS EagleR v1..118
In early 2025, a critical security flaw labeled CVE-2025-25953 was discovered in the Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1..118.
CVE-2025-27142 - Critical Path Traversal and RCE Vulnerability in LocalSend (Pre-1.17.)
LocalSend is a popular, open-source application for secure, direct file and message transfers over local networks—no Internet required. It’s loved for its simplicity: