Overview
Description
Statistics
- 2 Posts
Fediverse

🔐 Symfony UX CVE-2025-47946: Unsanitized HTML attribute injection via ComponentAttributes
➡️ https://symfony.com/blog/symfony-ux-cve-2025-47946-unsanitized-html-attribute-injection-via-componentattributes

Symfony UX CVE-2025-47946: Unsanitized HTML attribute injection via ComponentAttributes. #symfony
https://symfony.com/blog/symfony-ux-cve-2025-47946-unsanitized-html-attribute-injection-via-componentattributes?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Overview
- ConnectWise
- Risk Assessment
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse

Bwahahahahaha
https://github.com/packetlabs/vulnerability-advisory/blob/main/Disclosures/PL-2025-11315/README.md
sev:MED 6.0 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
The ConnectWise-Password-Encryption-Utility.exe binary contains hardcoded encryption keys in plaintext which can be extracted by an attacker analyzing the binary strings.
Overview
- openpgpjs
- openpgpjs
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse

Oh my.
https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-8qff-qr5q-5pr8
sev:HIGH 8.7 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Starting in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously modified message can be passed to either openpgp.verify or openpgp.decrypt, causing these functions to return a valid signature verification result while returning data that was not actually signed. This flaw allows signature verifications of inline (non-detached) signed messages (using openpgp.verify) and signed-and-encrypted messages (using openpgp.decrypt with verificationKeys) to be spoofed, since both functions return extracted data that may not match the data that was originally signed. Detached signature verifications are not affected, as no signed data is returned in that case.

In order to spoof a message, the attacker needs a single valid message signature (inline or detached) as well as the plaintext data that was legitimately signed, and can then construct an inline-signed message or signed-and-encrypted message containing any data of the attacker's choice, which will appear as legitimately signed by affected versions of OpenPGP.js. In other words, any inline-signed message can be modified to return any other data (while still indicating that the signature was valid), and the same is true for signed+encrypted messages if the attacker can obtain a valid signature and encrypt a new message (of the attacker's choice) together with that signature.

The issue has been patched in versions 5.11.3 and 6.1.1. Some workarounds are available. When verifying inline-signed messages, extract the message and signature(s) from the message returned by openpgp.readMessage, and verify each signature as a detached signature by passing the signature and a new message containing only the data (created using openpgp.createMessage) to openpgp.verify. When decrypting and verifying signed+encrypted messages, decrypt and verify in two steps: first call openpgp.decrypt without verificationKeys, then pass the returned signature(s) and a new message containing the decrypted data (created using openpgp.createMessage) to openpgp.verify.
Overview
- auth0
- auth0-PHP
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse

🚨 A critical vulnerability (CVE-2025-47275) in the Auth0 SDK exposes Symfony, Laravel, and WordPress users to brute-force session attacks. Okta has released patches—learn how to protect your application now.
#SecurityLand #CyberWatch #Auth0 #Okta #PHP #Laravel #WordPress #Symfony #Vulnerability #Patch
Description
Statistics
- 2 Posts
Fediverse

https://github.com/v-p-b/xss-reflections
RE: https://mastodon.social/@cisakevtracker/114535804613431399
Overview
Description
Statistics
- 2 Posts
Fediverse

RE: https://mastodon.social/@cisakevtracker/114535806650652126
Overview
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse

https://www.ibm.com/support/pages/node/7233799?myns=swgother&mynp=OCSWG60&mynp=OCSSKWKM&mynp=OCSSC5L9&mynp=OCSSTS2D&mynp=OCSS9QQS&mynp=OCSSB23CE&mync=A&cm_sp=swgother-_-OCSWG60-OCSSKWKM-OCSSC5L9-OCSSTS2D-OCSS9QQS-OCSSB23CE-_-A
#IBMi
Overview
- Qualcomm, Inc.
- Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music
Description
Statistics
- 1 Post
Fediverse

something I'm still curious about is wtf was CVE-2021-30327, allegedly some buffer overflow in EDL but there's not much to go off of.
The only hints I have atm are like,
- sxr2130 allows trying to upload an image again, and sigchecks happen after the segments are loaded into RAM
- sxr2250 has a lot of bounds checks near a memsz vs filesz memset for the sig segment
- MBNv7 changes in general
Overview
- Microsoft
- Windows Server 2019
Description
Statistics
- 1 Post
Overview
Description
Statistics
- 2 Posts
Fediverse

🚨Spike in Fortinet CVE-2024-55591 vulnerability rapidly increased in the past week 👇
The #CrowdSec Network has detected a wave of exploitation attempts targeting CVE-2024-55591, a Fortinet vulnerability that affects FortiWAN versions before 5.3.2. First seen on April 23rd, the CrowdSec Network still sees elevated levels of probing and exploitation.
ℹ️ About the exploit:
This flaw allows remote attackers to perform unauthenticated command injection on exposed FortiWAN instances. This vulnerability affects FortiWAN versions prior to 5.3.2. It enables attackers to execute arbitrary commands via crafted HTTP requests — no authentication required.
🔎 Trend analysis:
🔹 April 23rd: The CrowdSec Network detects a shift in the long-term trend of CVE-2024-55591 exploits.
🔹 April 23rd - April 28th: Activity increases rapidly from 30 to about 80 malicious IPs reported daily, producing over 400 distinct attack events.
🔹 April 29 - May 2nd: The attackers take a break. This provides a key point of insight into the nature of this attack campaign.
🔹 May 3rd - May 19th: The attack picks back up with increased intensity. It now originates from around 200 unique IP addresses per day and produces about 900 attack events per day.
🔹 May 19th: The CrowdSec Network still sees elevated levels of probing and exploitation attempts.
✅ How to protect your systems:
🔹 You can use CrowdSec’s open CTI search bar and blocklists to stay ahead of the curve. https://app.crowdsec.net/cti?q=cves%3A%22CVE-2024-55591%22&page=1
🔹 Alternatively, you can use CrowdSec’s newest tool, IPDEX, to build instant reports for this particular CVE and explore the data CrowdSec has aggregated. https://www.crowdsec.net/blog/introducing-crowdsec-ipdex
For more information, visit 👉 http://crowdsec.net 🧵[1/2]
#CyberSecurity #CrowdSec #CTI #Fortinet #CVE202455591 #Infosec #ThreatIntel #OpenSourceSecurity

As the image shows, we see that inside the results, many actors are classified as benign, which confirms that although the exploit is dangerous, the actual campaign is not. This level of enrichment provided by CrowdSec CTI helps security teams prioritize alerts, and IPDEX supports this workflow, allowing analysts to filter out harmless campaigns such as the one by the Shadowserver Foundation. You can also add a filter within IPDEX to remove those benign actors and filter on the date of last activity.
You can get started with IPDEX by heading over to the CrowdSec GitHub 👉 https://github.com/crowdsecurity/ipdex
🧵[2/2]
#CrowdSec #CyberSecurity #CTI #Fortinet #CVE202455591 #Infosec #ThreatIntel #OpenSourceSecurity