CVE-2025-2311 - Breaking Down the SecHard Pre-3.3..20220411 Vulnerability – Authentication Bypass, Credential Exposure, and API Abuse
Published: June 2024
Affected Product: SecHard (by Sechard Information Technologies)
Affected Version: Before 3.3..20220411
The security community has identified a serious vulnerability in
CVE-2025-1198 - How Personal Access Token Revocation Was Bypassed in GitLab ActionCable (With Exploit Insight)
---
What Is CVE-2025-1198?
In early 2025, GitLab patched a critical security flaw: CVE-2025-1198. The bug affects *all versions* of GitLab CE/EE from 16.
CVE-2025-24010 - How Vite’s CORS Misconfig Exposed Developers to Data Leaks
Summary:
Vite, a popular frontend tool for JavaScript, had a major vulnerability (CVE-2025-24010), letting any website send requests to Vite’s dev server and read
CVE-2024-55591 - Authentication Bypass in FortiOS and FortiProxy via Node.js WebSocket
In June 2024, a severe vulnerability was disclosed in Fortinet’s FortiOS and FortiProxy products, identified as CVE-2024-55591. The flaw enables remote attackers to escalate
CVE-2024-54151 - Critical Directus WebSockets Vulnerability—How Unauthenticated Users Can Become Admins
Directus is a popular open-source platform that turns any SQL database into a powerful real-time API and user-friendly admin dashboard. With Directus, teams can manage