  • Cybersecurity Vulnerabilities

    CVE-2025-62703: Critical Remote Code Execution Vulnerability in Fugue Framework

    Overview: CVE-2025-62703 is a critical remote code execution (RCE) vulnerability affecting versions 0.9.2 and prior of the Fugue framework. Fugue provides a unified interface for distributed computing, allowing users to execute Python, Pandas, and SQL code on platforms like Spark, Dask, and Ray with minimal code modifications. This vulnerability stems from insecure pickle deserialization within the FlaskRPCServer, potentially allowing attackers to execute arbitrary code on affected systems.

    Technical Details: The vulnerability resides in the way Fugue handles RPC (Remote Procedure Call) communication. Specifically, the _decode() function located in fugue/rpc/flask.py uses cloudpickle.loads() to deserialize incoming data without proper sanitization. This means…

  • Cybersecurity Vulnerabilities

    CVE-2025-21621: GeoServer Vulnerable to XSS Attacks – Upgrade Now!

    Overview: CVE-2025-21621 is a reflected cross-site scripting (XSS) vulnerability affecting GeoServer, an open-source server used for sharing and editing geospatial data. This vulnerability exists in versions prior to 2.25.0 and stems from insufficient sanitization of user-supplied input in the WMS GetFeatureInfo HTML output format. Specifically, a malicious actor can inject arbitrary JavaScript code through specially crafted SLD_BODY parameters.

    Technical Details: The vulnerability lies in how GeoServer handles user-provided SLD_BODY parameters within WMS GetFeatureInfo requests. By injecting malicious JavaScript code into this parameter, an attacker can exploit the lack of proper output encoding. When a victim clicks a crafted link or…

  • Cybersecurity Vulnerabilities

    GeoServer Under Attack: Critical XXE Vulnerability CVE-2025-58360 Requires Immediate Patching!

    Overview: A critical XML External Entity (XXE) vulnerability, identified as CVE-2025-58360, has been discovered in GeoServer, an open-source server used for sharing and editing geospatial data. This vulnerability affects versions 2.26.0 to before 2.26.2 and before 2.25.6. Unsanitized XML input through the /geoserver/wms endpoint, specifically the GetMap operation, allows attackers to define external entities within XML requests. This can lead to sensitive information disclosure, denial-of-service, or potentially remote code execution in some scenarios. Upgrading to a patched version is strongly recommended.

    Technical Details: The vulnerability stems from insufficient input validation of XML data submitted to the GeoServer WMS service via…

  • Cybersecurity Vulnerabilities

    JSH_ERP Security Alert: Fastjson Deserialization Vulnerability Discovered (CVE-2025-51746)

    Overview: CVE-2025-51746 identifies a critical security vulnerability in jishenghua JSH_ERP version 2.3.1. The vulnerability resides in the /serialNumber/addSerialNumber endpoint and is susceptible to Fastjson deserialization attacks. This allows attackers to potentially execute arbitrary code on the server, leading to complete system compromise.

    Technical Details: The vulnerability stems from the insecure deserialization of user-supplied data using Fastjson. When processing requests to the /serialNumber/addSerialNumber endpoint, the application fails to properly sanitize or validate the incoming serialized data. An attacker can craft a malicious JSON payload containing instructions to execute arbitrary code during the deserialization process. This can be achieved by injecting specific…

  • Cybersecurity Vulnerabilities

    JSH_ERP Security Alert: Fastjson Deserialization Vulnerability Uncovered (CVE-2025-51745)

    Overview: CVE-2025-51745 identifies a critical security vulnerability affecting jishenghua JSH_ERP version 2.3.1. This vulnerability stems from the insecure use of Fastjson deserialization in the /role/addcan endpoint, potentially allowing attackers to execute arbitrary code on the server.

    Technical Details: The /role/addcan endpoint in JSH_ERP 2.3.1 is susceptible to Fastjson deserialization attacks. Fastjson, a high-performance JSON library, can be exploited when handling untrusted data. If the application deserializes attacker-controlled JSON payloads without proper validation, it can lead to remote code execution (RCE). The specific details of how the payload is crafted and delivered are available in the referenced resources. Attackers can leverage…

  • Cybersecurity Vulnerabilities

    JSH_ERP Under Attack: Fastjson Deserialization Puts User Data at Risk (CVE-2025-51744)

    Overview: CVE-2025-51744 describes a critical security vulnerability affecting jishenghua JSH_ERP version 2.3.1. Specifically, the /user/addUser endpoint is susceptible to Fastjson deserialization attacks. This means a malicious actor could potentially inject arbitrary code into the application by crafting a specially designed JSON payload during the user creation process.

    Technical Details: The vulnerability stems from the insecure deserialization of user-supplied data via the Fastjson library within the /user/addUser endpoint. Fastjson, when not configured securely, can be tricked into instantiating arbitrary Java classes present on the classpath. An attacker can leverage this to execute malicious code on the server. The attacker would craft…

  • Cybersecurity Vulnerabilities

    CVE-2025-51743: Critical Fastjson Deserialization Vulnerability Discovered in JSH_ERP

    Overview: CVE-2025-51743 identifies a critical security vulnerability affecting jishenghua JSH_ERP version 2.3.1. This vulnerability stems from the improper handling of deserialization processes within the /materialCategory/addMaterialCategory endpoint, making the application susceptible to Fastjson deserialization attacks. Successful exploitation of this vulnerability could lead to remote code execution, data breaches, or other severe security compromises.

    Technical Details: The /materialCategory/addMaterialCategory endpoint in JSH_ERP 2.3.1 is vulnerable because it doesn’t adequately sanitize or validate user-supplied input before deserializing it using Fastjson. An attacker can craft a malicious JSON payload containing instructions to execute arbitrary code on the server. This payload is then sent to the…

  • Cybersecurity Vulnerabilities

    CVE-2025-51741: Veal98 Echo System Vulnerable to Unauthenticated Email Flooding

    Overview: CVE-2025-51741 details a vulnerability found in Veal98 Echo Open-Source Community System versions 2.2 through 2.3. This flaw allows an unauthenticated attacker to trigger the server to send email verification messages to arbitrary user email addresses. The vulnerable endpoint is located at /sendEmailCodeForResetPwd. This uncontrolled email sending can lead to a denial-of-service (DoS) condition, impacting both the server’s resources and the recipients’ inboxes.

    Technical Details: The vulnerability resides in the /sendEmailCodeForResetPwd endpoint, which is intended to facilitate password resets. An attacker can make requests to this endpoint without any authentication, specifying arbitrary email addresses as the recipient. The system then…

  • Cybersecurity Vulnerabilities

    CVE-2025-9624: Critical DoS Vulnerability in OpenSearch – Update Now!

    Overview: CVE-2025-9624 details a Denial of Service (DoS) vulnerability affecting OpenSearch. This vulnerability allows a remote attacker to trigger a DoS condition by sending specially crafted, complex query_string inputs to the OpenSearch server. Successful exploitation of this vulnerability can render the OpenSearch service unavailable, impacting applications and services that rely on it. The vulnerability affects all OpenSearch versions prior to 3.2.0. Immediate action is recommended to mitigate the risk.

    Technical Details: The vulnerability stems from insufficient validation and processing of the query_string parameter within OpenSearch’s search API. Attackers can craft overly complex or deeply nested queries that consume excessive resources,…

  • Cybersecurity Vulnerabilities

    CVE-2025-66017: Critical Pre-signature Weakness Patched in CGGMP24 ECDSA TSS Protocol

    Overview: CVE-2025-66017 identifies a significant vulnerability in the CGGMP24 ECDSA Threshold Signature Scheme (TSS) protocol, specifically affecting versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24. The vulnerability stems from the misuse of pre-signatures, which could substantially weaken the overall security of the system. The release of cggmp24 version 0.7.0-alpha.2 addresses this issue with API changes that prevent insecure use of pre-signatures.

    Technical Details: CGGMP24 is a state-of-the-art ECDSA TSS protocol designed for 1-round signing (requiring 3 preprocessing rounds), identifiable abort, and key refresh capabilities. The vulnerability lies in how pre-signatures were handled in earlier versions. Specifically, pre-signatures,…