CVE-2025-25977 - Remote Code Execution in canvg v4..2 via StyleElement Constructor
A new critical security flaw, CVE-2025-25977, has been discovered in canvg, a popular JavaScript library for rendering SVGs on Canvas. This vulnerability affects version v4.
CVE-2025-26865 - Deep Dive into the Apache OFBiz Template Engine Vulnerability
In June 2024, a critical vulnerability surfaced in Apache OFBiz — a popular open source enterprise resource planning (ERP) suite used by businesses worldwide. Tracked as
CVE-2025-27607 - Remote Code Execution via Dependency Takeover in Python JSON Logger
Between December 30, 2024, and March 4, 2025, users of Python JSON Logger were at risk of a serious vulnerability that could allow an attacker
CVE-2025-27597 - Prototype Pollution in Vue I18n Could Lead to Severe Security Risks
Vue I18n is a widely used internationalization (i18n) plugin for Vue.js. It lets developers add multilingual support to their Vue apps easily. However, a
CVE-2025-27516 - Jinja ‘attr’ Filter Bypass Leads to Remote Code Execution
Jinja is one of the most popular template engines in the Python ecosystem. It's foundational to Flask, Ansible, SaltStack, and many custom web