CVE-2025-26465 - OpenSSH's VerifyHostKeyDNS Flaw Enables Complex Machine-in-the-Middle Attack
In early 2025, a new security vulnerability was discovered in OpenSSH. Tracked as CVE-2025-26465, this issue impacts OpenSSH clients when the VerifyHostKeyDNS option is turned
CVE-2025-1146 - CrowdStrike Falcon TLS Validation Vulnerability Exposed
CrowdStrike is a leading cybersecurity platform trusted by organizations around the globe. Its Falcon sensor is deployed widely, especially on Linux servers and within Kubernetes
CVE-2024-12797 - How a Raw Public Key TLS Authentication Bug in OpenSSL Can Let MITM Attacks Slip Through
In March 2024, a significant vulnerability—CVE-2024-12797—was disclosed in OpenSSL affecting some clients using RFC725 Raw Public Keys (RPK) for TLS or
CVE-2025-1014 - Unchecked Certificate Length in Firefox and Thunderbird – Analysis, Code Example, and Exploit Details
In June 2024, Mozilla disclosed a new security vulnerability tracked as CVE-2025-1014. This flaw affects some of the most widely used open-source browsers and email
CVE-2025-23028 - Denial of Service in Cilium DNS Proxy (Exclusive Breakdown & Exploit Details)
Cilium is a popular networking, observability, and security layer for Kubernetes clusters. It uses eBPF, a powerful Linux kernel technology, to manage network traffic and