Overview
- github.com/chaos-mesh/chaos-mesh
Description
Statistics
- 2 Posts
Fediverse

Chaotic Deputy: Critical vulnerabilities in Chaos Mesh lead to Kubernetes
cluster takeover
https://jfrog.com/blog/chaotic-deputy-critical-vulnerabilities-in-chaos-mesh-lead-to-kubernetes-cluster-takeover/
JFrog Security Research recently discovered and disclosed multiple CVEs in the
highly popular Chaos engineering platform – Chaos-Mesh. The discovered CVEs,
which we’ve named Chaotic Deputy, are CVE-2025-59358, CVE-2025-59360,
CVE-2025-59361 and CVE-2025-59359. The last three Chaotic Deputy CVEs are
critical severity (CVSS 9.8) vulnerabilities which can be easily exploited by
in-cluster attackers to run arbitrary code on any pod in the cluster, even in
the default configuration of Chaos-Mesh.
Users of Chaos-Mesh are recommended to upgrade Chaos-Mesh to the fixed version
– 2.7.3, as soon as possible. If you are unable to upgrade your Chaos-Mesh
version, see our “Workarounds” section below. Some infrastructures that use
Chaos-Mesh are also affected by these vulnerabilities, for example Azure Chaos
Studio. In this technical blogpost, we will delve deeper into the inner
workings of the Chaos-Mesh platform and explain the issues that led to these
vulnerabilities.
Overview
- Dassault Systèmes
- SOLIDWORKS eDrawings
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse

Some SOLIDWORKS CVEs for those that are interested.
https://www.cve.org/CVERecord?id=CVE-2025-9447
Overview
- Hewlett Packard Enterprise (HPE)
- HPE Aruba Networking EdgeConnect SD-WAN Gateway
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
Overview
Description
Statistics
- 1 Post