Overview
- SmarterTools
- SmarterMail
Description
Statistics
- 4 Posts
- 3 Interactions
Fediverse
Bluesky
Overview
- parallax
- jsPDF
Description
Statistics
- 1 Post
- 4 Interactions
Fediverse
โ๏ธCVE-2025-68428: Critical Path Traversal in jsPDF
GitHub: https://github.com/12nio/CVE-2025-68428_PoC
CVSS: 9.2
CVE Published: January 5th, 2026
Exploit Published: January 8th, 2026
News source: https://www.bleepingcomputer.com/news/security/critical-jspdf-flaw-lets-hackers-steal-secrets-via-generated-pdfs/
Overview
- Airoha Technology Corp.
- AB156x, AB157x, AB158x, AB159x series, AB1627
Description
Statistics
- 1 Post
- 2 Interactions
Overview
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse
โ ๏ธ If you are running Next.js, you need to see this.
The "React2Shell" vulnerability (CVE-2025-55182) is currently making waves, and for good reason. Unauthenticated RCE on default configurations is about as critical as it gets for modern web frameworks.
If you haven't audited your versions yet, do it now.
See the full technical breakdown: ๐ https://www.cvedatabase.com/cve/CVE-2025-55182
Overview
Description
Statistics
- 1 Post
- 1 Interaction
Overview
- adonisjs
- core
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
โ๏ธCVE-2026-21440: A critical path traversal vulnerability affecting the AdonisJS framework, specifically its multipart file upload handling.
PoC Exploit: https://github.com/Ashwesker/Ashwesker-CVE-2026-21440
โช๏ธCVSS: 9.2
โช๏ธCVE Published: January 2nd, 2026
โช๏ธExploit Published: January 5th, 2026
Details:
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease versions prior to 11.0.0-next.6. This issue has been patched in @adonisjs/bodyparser versions 10.1.2 and 11.0.0-next.6.
Overview
- Vito Peleg
- Atarim
- atarim-visual-collaboration
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
โ๏ธCVE-2025-60188: Atarim Plugin PoC Exploit
GitHub: https://github.com/m4sh-wacker/CVE-2025-60188-Atarim-Plugin-Exploit
Overview
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
I'm not exactly sure why I'm doing this on a Sunday, and the hard work was done by others, but there you go; proposed fix for CVE-2026-0716. https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/494
Overview
- coreruleset
- coreruleset
Description
Statistics
- 1 Post
Overview
Description
Statistics
- 1 Post
Fediverse
์์ฆ ์ค๋ ๋์ RSA-2048์ ํด๋ ํ๋ค๋ ์๋ฐ์ด ์์ด์ ๊ธ์ ์ฒ์๋ถํฐ ๋๊น์ง ์ ๋ ํ๋ค.
๊ทธ๋ฆฌ๊ณ ์ฝ๋ ์์ด ๊ฐ๋ ์ ์ผ๋ก ๊ฐ๋ฅํ์ง ๋ฐ์ ธ๋ด. ์ด ์ฌ๋์ ์ฃผ์ฅ์ ๋๋ฌด ์ค๊ตฌ๋๋ฐฉ์ด๋ผ ๊น๋ํ๊ฒ ํ์ค๋ก ์์ฝํ๋ฉด ์ด๋ ๋ค.
"d = | q - p | ์ d(๊ฑฐ๋ฆฌ)๊ฐ 0์ ์๋ ดํ ์๋ก RSA๊ฐ ๊นจ์ง ๊ฐ๋ฅ์ฑ์ด ๋์์ง๋ค."
๊ทธ๋ฆฌ๊ณ ์ด๊ฑด ์ผ์ถ ์ฌ์ค์ ๋ง์.
๊ฑฐ๋ฆฌ๊ฐ ๊ฐ๊น์์ง์๋ก Fermat's Factorization๋ฅผ ์ด์ฉํ ๊ณต๊ฒฉ์ด ๊ฐ๋ฅํด์ง๊ณ , ์ด์ ๊ด๋ จ๋ ๊ณต์ ์ทจ์ฝ์ CVE (์: CVE-2022-26320)๋ ์กด์ฌํ๋ค.
์ฐธ๊ณ ๋ก ์ด๋ ค์ด๊ฒ ์๋๋ผ ๊ณ ๋ฑ๊ณผ์ ๊ณฑ์ ๊ณต์ ์ค ํ๋๋ค.
RSA-2048์์๋ ์ฌ์ค์ ๋ถ๊ฐ๋ฅํ๊ณ , RSA-256 ์์ค์์ ๊ฐ๋ฅํ ์ ์๋ค. (RSA-2048์ ํน์ ์กฐ๊ฑด ๋ง์กฑ์ ๊ฐ๋ฅ)
RSA-2048์ ํ์๋ค๊ณ ์ฃผ์ฅํ์๋ ๋ถ์ด ์ฌ๋ฆฐ ์ฝ๋๋ฅผ ๋ดค์ ๋, ๊ทธ๋ฅ q๋ฅผ ์ ์ฅํด๋๊ณ n mod q ๋จน์ฌ์ 0์ด ๋๋์ง ํ์ธํ๊ณ p๋ฅผ ์ ๋ํ๋ ๊ฒ์.
๊ทธ๋ฅ ๋ต์ง๊ฐ์ง๊ณ ์ฅ๋์น๋๊ฑฐ๋ผ ์๊ฐํ๋ฉด ๋๋ค.