24h | 7d | 30d

CVE-2025-68705

Overview

  • rustfs
  • rustfs
07 Jan 2026
Published
07 Jan 2026
Updated
CVSS v4.0
HIGH (8.8)
EPSS
0.04%
KEV

Description

RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 to 1.0.0-alpha.78, RustFS contains a path traversal vulnerability in the /rustfs/rpc/read_file_stream endpoint. This issue has been patched in version 1.0.0-alpha.79.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Zardus @Zardus

@addison Great points on maintainability, security, and sustainability! Here are my thoughts on this.

First, the security issues. These can come in two variants: an LLM introduces a bug into a library where no bug existed before, or an LLM faithfully translates buggy behavior from the original to the reimplemented library. IMO, the latter case is hard to fault the translator for and an argument can be made that, for “load bearing bugs”, the correct action here isn’t so clear. My gut feeling is that the right thing to do in this case is to fix the bug into the original and update/regenerate the translation.

The former case is by no means unique to LLMs. For example, (human-executed) rust reimplementations of archiving utilities have introduced Zip Slip vulnerabilities such as CVE-2025-29787 or CVE-2025-68705. We tend to hold coding agents to a significantly higher standard than humans here (which I think they eventually _will_ reach anyways), but I think the question of who introduces more bugs in reimplementations is far from a foregone conclusion already.

This brings us to maintainability. Again, there are two issues here: first, that no one knows the generated code and second, the question of updating it. I think that, regardless of our feelings about the matter, slopped code is here to stay. It’s already accounting for significant chunks of open source code out there (newsletter.semianalysis.com/p/), and as these agents continue to improve astronomically, this number will increase. We have, unfortunately, left the era of aggregations of developers knowing all of their code (although it can also be argued that this was never true in the first place, given maintainer drift and so on).

The fact that this code is truly “write only” in that no human reads it at all takes this a bit further for sure. I’m not sure what the eventual implications of this are (such as dpc.pw/posts/i-dont-want-your-), and it personally makes me sad, but I do think that code is somewhere on the path to becoming mostly an intermediate representation between specification and compilation. People used to write assembly, then in earlier days of compilers, they would sometimes hand-optimize compiler-produced assembly, but even this gradually stopped as compilers improved (e.g., the latest reference to this practice I can find is 2006 cs.fsu.edu/~whalley/papers/tec). We still learn assembly and the compilation process in Computer Organization in undergrad, and it’s important for some disciplines of Computer Science, but it’s definitely a somewhat niche topic. Source code seems to be on a similar trajectory.

Upgradeability is very related to this. IMO, upgrading this “write only” reimplementation with new features beyond what’s in the upstream library is a bad idea. Development should continue on the original library that the original developers are familiar with. Then the translation could be fully regenerated on demand. This process exists already, but is obviously wasteful. I don’t personally see big issues with translating diffs instead, but it certainly could be that I’m missing something. After all, this whole thing is experimental!

Finally, sustainability is a tricky one. There are a lot of pieces to this: fair use of training data, energy, brainrot, economic shockwaves, etc. That’s all hard to pick apart. But dispatching agents can be the right _technical_ solution to many tasks, and I personally don’t feel that properly using them is antithetical to the research process (for example, it can lead to MUCH better implemented and more reliable experiment harnesses).

Thanks again for taking the time to write your thoughts down; looking forward to more discussion!

  • 0
  • 2
  • 0
  • 23h ago

CVE-2025-29787

Overview

  • zip-rs
  • zip2
17 Mar 2025
Published
19 Mar 2025
Updated
CVSS v4.0
HIGH (7.3)
EPSS
0.33%
KEV

Description

`zip` is a zip library for rust which supports reading and writing of simple ZIP files. In the archive extraction routine of affected versions of the `zip` crate starting with version 1.3.0 and prior to version 2.3.0, symbolic links earlier in the archive are allowed to be used for later files in the archive without validation of the final canonicalized path, allowing maliciously crafted archives to overwrite arbitrary files in the file system when extracted. Users who extract untrusted archive files using the following high-level API method may be affected and critical files on the system may be overwritten with arbitrary file permissions, which can potentially lead to code execution. Version 2.3.0 fixes the issue.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Zardus @Zardus

@addison Great points on maintainability, security, and sustainability! Here are my thoughts on this.

First, the security issues. These can come in two variants: an LLM introduces a bug into a library where no bug existed before, or an LLM faithfully translates buggy behavior from the original to the reimplemented library. IMO, the latter case is hard to fault the translator for and an argument can be made that, for “load bearing bugs”, the correct action here isn’t so clear. My gut feeling is that the right thing to do in this case is to fix the bug into the original and update/regenerate the translation.

The former case is by no means unique to LLMs. For example, (human-executed) rust reimplementations of archiving utilities have introduced Zip Slip vulnerabilities such as CVE-2025-29787 or CVE-2025-68705. We tend to hold coding agents to a significantly higher standard than humans here (which I think they eventually _will_ reach anyways), but I think the question of who introduces more bugs in reimplementations is far from a foregone conclusion already.

This brings us to maintainability. Again, there are two issues here: first, that no one knows the generated code and second, the question of updating it. I think that, regardless of our feelings about the matter, slopped code is here to stay. It’s already accounting for significant chunks of open source code out there (newsletter.semianalysis.com/p/), and as these agents continue to improve astronomically, this number will increase. We have, unfortunately, left the era of aggregations of developers knowing all of their code (although it can also be argued that this was never true in the first place, given maintainer drift and so on).

The fact that this code is truly “write only” in that no human reads it at all takes this a bit further for sure. I’m not sure what the eventual implications of this are (such as dpc.pw/posts/i-dont-want-your-), and it personally makes me sad, but I do think that code is somewhere on the path to becoming mostly an intermediate representation between specification and compilation. People used to write assembly, then in earlier days of compilers, they would sometimes hand-optimize compiler-produced assembly, but even this gradually stopped as compilers improved (e.g., the latest reference to this practice I can find is 2006 cs.fsu.edu/~whalley/papers/tec). We still learn assembly and the compilation process in Computer Organization in undergrad, and it’s important for some disciplines of Computer Science, but it’s definitely a somewhat niche topic. Source code seems to be on a similar trajectory.

Upgradeability is very related to this. IMO, upgrading this “write only” reimplementation with new features beyond what’s in the upstream library is a bad idea. Development should continue on the original library that the original developers are familiar with. Then the translation could be fully regenerated on demand. This process exists already, but is obviously wasteful. I don’t personally see big issues with translating diffs instead, but it certainly could be that I’m missing something. After all, this whole thing is experimental!

Finally, sustainability is a tricky one. There are a lot of pieces to this: fair use of training data, energy, brainrot, economic shockwaves, etc. That’s all hard to pick apart. But dispatching agents can be the right _technical_ solution to many tasks, and I personally don’t feel that properly using them is antithetical to the research process (for example, it can lead to MUCH better implemented and more reliable experiment harnesses).

Thanks again for taking the time to write your thoughts down; looking forward to more discussion!

  • 0
  • 2
  • 0
  • 23h ago

CVE-2025-20362

Overview

  • Cisco
  • Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
25 Sep 2025
Published
26 Feb 2026
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
46.92%
KEV

Description

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software ["#fs"] section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

Statistics

  • 1 Post
Last activity: 22 hours ago

Fediverse

Profile picture fallback
CyberNetsecIO @netsecio

📰 CISA Discovers 'FIRESTARTER' Backdoor on Federal Cisco Firewall; Malware Survives Patches

🔥 CISA finds new 'FIRESTARTER' backdoor on a federal agency's Cisco firewall. The malware survives patches and firmware updates, allowing persistent access. Exploited CVE-2025-20333 & CVE-2025-20362. #CyberSecurity #CISA #Backdoor #Cisco

🔗 cyber.netsecops.io

  • 0
  • 0
  • 0
  • 22h ago

CVE-2025-20333

Overview

  • Cisco
  • Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
25 Sep 2025
Published
26 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.9)
EPSS
24.78%
KEV

Description

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

Statistics

  • 1 Post
Last activity: 22 hours ago

Fediverse

Profile picture fallback
CyberNetsecIO @netsecio

📰 CISA Discovers 'FIRESTARTER' Backdoor on Federal Cisco Firewall; Malware Survives Patches

🔥 CISA finds new 'FIRESTARTER' backdoor on a federal agency's Cisco firewall. The malware survives patches and firmware updates, allowing persistent access. Exploited CVE-2025-20333 & CVE-2025-20362. #CyberSecurity #CISA #Backdoor #Cisco

🔗 cyber.netsecops.io

  • 0
  • 0
  • 0
  • 22h ago

CVE-2026-42167

Overview

  • ProFTPD
  • ProFTPD
28 Apr 2026
Published
28 Apr 2026
Updated
CVSS v3.1
HIGH (8.1)
EPSS
0.24%
KEV

Description

mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM).

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture fallback
DragonJAR @dragonjar

En las últimas 24 horas se detectaron vulnerabilidades críticas que permiten ejecución remota de código en ProFTPD y GitHub Enterprise Server, y una rápida explotación de SQL Injection en LiteLLM compromete datos en la nube; además, el ransomware VECT 2.0 destruye archivos irreversiblemente en múltiples sistemas, aumentando el riesgo. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 29/04/26 📆 |====

🔓 CVE-2026-42167 PERMITE EVITAR AUTENTICACIÓN Y EJECUCIÓN DE CÓDIGO EN PROFTPD

Se ha identificado una grave vulnerabilidad en ProFTPD, catalogada como CVE-2026-42167, que permite saltarse procesos de autenticación, elevar privilegios y ejecutar código arbitrario. Esta falla representa un riesgo significativo para servidores FTP que no estén actualizados. Se recomienda aplicar la actualización que MITRE y los desarrolladores emitirán próximamente para mitigar posibles ataques. Mantente alerta y protege tus sistemas. Descubre todos los detalles sobre esta vulnerabilidad y cómo protegerte aquí 👉 djar.co/tWdN

💻 VULNERABILIDAD CRÍTICA RCE EN GITHUB ENTERPRISE SERVER CVE-2026-3854

GitHub Enterprise Server enfrenta una vulnerabilidad con un puntaje CVSS de 8.7 que permite la ejecución remota de código, poniendo en riesgo repositorios y datos sensibles de las organizaciones. Esta amenaza impacta directamente en la integridad y la seguridad de los entornos corporativos que utilizan esta plataforma. La actualización inmediata es vital para evitar compromisos graves. Analiza a fondo la vulnerabilidad y las versiones afectadas para tomar acción rápida. Más información y recomendaciones aquí 👉 djar.co/lWbCh

⚠️ EXPLOTACIÓN RÁPIDA DE SQL INJECTION EN LITELLM CVE-2026-42208

En un caso alarmante, la vulnerabilidad SQL Injection CVE-2026-42208 en LiteLLM fue aprovechada en menos de 36 horas tras su divulgación, comprometiendo credenciales y poniendo en riesgo cuentas en la nube. Esto evidencia la necesidad de implementar medidas proactivas y monitorear activamente los sistemas contra ataques tempranos. Revisa cómo se desarrolló este incidente y las mejores prácticas para proteger tus datos en la nube. Entérate aquí 👉 djar.co/LQrNO4

🛡️ VECT: RANSOMWARE COMO SERVICIO Y SU IMPACTO EN LA CADENA DE SUMINISTRO

El ransomware VECT, surgido en diciembre de 2025, se distingue por operar bajo modelo Ransomware-as-a-Service, causando estragos en varias cadenas de suministro. Su capacidad para expandirse y ejecutar ataques destructivos torna esencial entender su funcionamiento para anticipar y mitigar riesgos. La investigación de Check Point revela sus tácticas y evolución, información clave para defensores de la ciberseguridad. Explora el análisis completo sobre VECT y su impacto aquí 👉 djar.co/O8ko

💥 VECT 2.0 DESTRUYE IRREVERSIBLEMENTE ARCHIVOS EN WINDOWS, LINUX Y ESXI

La actualización 2.0 del ransomware VECT introduce un fallo en la gestión del nonce que provoca la destrucción permanente de archivos mayores a 131KB, haciendo inútiles los pagos de rescate y complicando las opciones de recuperación. Afecta múltiples sistemas operativos, aumentando la gravedad de los ataques. Comprender esta nueva versión es vital para fortalecer las estrategias de defensa y respuesta ante incidentes. Conoce más sobre esta amenaza crítica y cómo proteger tus datos aquí 👉 djar.co/pYoGQk

🎯 CLASE VIRTUAL AVANZADA: DETECCIÓN Y PREVENCIÓN DE MALWARE - CQURE ACADEMY

Especialistas en ciberseguridad tienen la oportunidad de profundizar en técnicas avanzadas de búsqueda y prevención de malware a través de esta clase magistral en vivo. La formación incluye métodos prácticos y teóricos para identificar amenazas complejas y fortalecer la postura defensiva de las organizaciones frente a ataques sofisticados. No pierdas la oportunidad de actualizar tus habilidades y conocimientos. Inscríbete y accede al curso aquí 👉 djar.co/RYH0

📚 GUÍA PARA AUTORES EN CIBERSEGURIDAD - THE HACKER RECIPES

Esta guía es ideal para profesionales interesados en escribir sobre hacking ético, pruebas de penetración y ciberseguridad. Ofrece estrategias claras para estructurar contenido técnico y didáctico, facilitando la comunicación efectiva de conocimientos complejos. Una herramienta valiosa para quienes desean contribuir al ecosistema de la seguridad informática con contenidos de calidad. Descubre cómo mejorar tus publicaciones y aportar valor aquí 👉 djar.co/u2Dz

  • 1
  • 1
  • 0
  • 4h ago

CVE-2024-1709

Overview

  • ConnectWise
  • ScreenConnect
21 Feb 2024
Published
21 Oct 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
94.32%
KEV

Description

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.

Statistics

  • 1 Post
Last activity: 2 hours ago

Fediverse

Profile picture fallback
Capstone Technologies Group @CapTechGroup

CISA's KEV catalog now includes CVE-2024-1708 and CVE-2024-1709 (ConnectWise ScreenConnect auth bypass + RCE chain) plus CVE-2026-32202 (Windows Shell). APT28 has been weaponizing these since December 2025. The...

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 2h ago
Showing 31 to 36 of 36 CVEs