CVE-2023-40827 - Remote Code Execution & Information Leak in PF4J via `loadpluginPath` Parameter
On August 2023, a serious security vulnerability was discovered in PF4J (v.3.9. and prior), a popular Java plugin framework. Identified as CVE-2023-40827, this
CVE-2023-40826 - Exploiting the pf4j `zipPluginPath` Vulnerability for Remote Code Execution
*CVE-2023-40826* shines a spotlight on a dangerous security weakness found in the pf4j plugin system, specifically versions up to 3.9.. With this vulnerability, attackers