CVE-2025-0516 - Exploiting Improper Authorization in GitLab CE/EE - How Limited Users Gain Unauthorized Access to Critical Project Data
On January 18, 2025, GitLab published an advisory for CVE-2025-0516, which discloses a serious improper authorization vulnerability in both GitLab Community Edition (CE) and Enterprise
CVE-2025-1061 - Authentication Bypass Vulnerability in Nextend Social Login Pro Lets Attackers Impersonate Any WordPress User
In early 2025, a critical vulnerability was discovered in the popular Nextend Social Login Pro plugin for WordPress. Tracked as CVE-2025-1061, this flaw impacts plugin
CVE-2024-1211 - GitLab JWT OmniAuth CSRF Vulnerability Explored
If your organization uses GitLab for source control and has enabled JWT as an OmniAuth provider, you may be at risk of a newly disclosed
CVE-2025-22610 - Unauthorized Access to OAuth Secrets in Coolify (Explained and Exploited)
Coolify is an open-source and self-hostable platform that helps developers manage servers, applications, and databases—kind of like your all-in-one digital Swiss Army knife. But
CVE-2025-23040 - GitHub Desktop Vulnerability Leaks User Credentials via Malicious Remote URLs
In early 2025, security researchers and the GitHub Security team identified and patched a significant vulnerability (CVE-2025-23040) in GitHub Desktop, a popular open-source Electron-based application