Overview CVE-2025-65108 is a critical security vulnerability affecting md-to-pdf, a command-line tool used for converting Markdown files to PDF using Node.js and headless Chrome. This vulnerability allows for remote code execution (RCE) due to unsanitized processing of JavaScript delimiters within Markdown front-matter blocks. The vulnerability existed in versions prior to 5.2.5. An attacker could craft a malicious Markdown file containing a specifically crafted front-matter block, which when processed by md-to-pdf, would lead to arbitrary code execution on the system running the tool. Technical Details The vulnerability stems from the use of the gray-matter library for parsing Markdown front-matter. Prior to…

Overview CVE-2025-65107 describes a medium severity security vulnerability affecting Langfuse, an open-source large language model (LLM) engineering platform. This vulnerability, if exploited, could allow for unauthorized account takeover under specific configurations. The vulnerability exists in versions 2.95.0 to before 2.95.12 and 3.17.0 to before 3.131.0. A successful attack requires an authenticated user to be tricked into clicking a specially crafted URL. Patches are available in versions 2.95.12 and 3.131.0. Technical Details The vulnerability stems from insecure SSO provider configurations. Specifically, when an explicit AUTH_<PROVIDER>_CHECK setting is not defined, the system is susceptible to Cross-Site Request Forgery (CSRF) or phishing attacks.…

Overview This article details CVE-2025-65106, a critical template injection vulnerability discovered in LangChain, a popular framework for building agents and LLM-powered applications. The vulnerability allows attackers to potentially access Python object internals through template syntax, posing a significant risk to applications that accept untrusted template strings. Technical Details CVE-2025-65106 affects LangChain versions 0.3.79 and prior, as well as versions 1.0.0 through 1.0.6. The vulnerability resides in LangChain’s prompt template system, specifically within ChatPromptTemplate and related prompt template classes. An attacker can exploit this flaw by injecting malicious code into template strings if the application doesn’t properly sanitize or validate the…

Overview CVE-2025-65102 describes a vulnerability found in PJSIP, a free and open-source multimedia communication library. Specifically, this issue affects users employing the Opus audio codec in the receiving direction. The vulnerability lies within the Opus PLC (Packet Loss Concealment) implementation and can potentially cause unexpected application termination due to a memory overwrite. The vulnerability has been addressed in PJSIP version 2.16. Technical Details The vulnerability occurs because the Opus PLC may zero-fill the input frame based on the decoder ptime (packet time). However, the actual input frame length, which is derived from the stream ptime, might be shorter than the…

Published: 2025-11-21T22:16:32.560 Overview CVE-2025-65092 is a security vulnerability affecting the ESP32-P4 microcontroller when using its hardware JPEG decoder within Espressif’s IoT Development Framework (ESP-IDF). Specifically, versions 5.5.1, 5.4.3, and 5.3.4 lack proper validation checks in the software parser associated with the hardware JPEG decoder. This can be exploited by providing a specially crafted malicious JPEG image, leading to an out-of-bounds array access. Technical Details The vulnerability resides within the JPEG decoding routine used by the ESP32-P4’s hardware accelerator. The software parser, responsible for interpreting the JPEG image data, fails to adequately validate input parameters. An attacker can craft a malicious…

Overview CVE-2025-43374 is a security vulnerability affecting several Apple operating systems, including iOS, iPadOS, macOS, visionOS, and watchOS. This vulnerability is classified as an out-of-bounds read within the kernel memory, potentially allowing an attacker in physical proximity to access sensitive data. Apple has released security updates to address this issue by implementing improved bounds checking. Technical Details The core issue lies in insufficient bounds checking during certain memory operations within the kernel. An attacker with physical access to a vulnerable device could potentially craft inputs or trigger specific actions that cause the system to read beyond the allocated memory boundaries.…

Overview CVE-2025-31266 describes a spoofing vulnerability affecting Apple’s Safari browser (version 18.5) and macOS Sequoia (version 15.5). This flaw could allow a malicious website to potentially spoof the domain name displayed in the title of a pop-up window, potentially misleading users into believing they are interacting with a legitimate site when they are not. Technical Details The vulnerability arises from how Safari and macOS handle the truncation of fully qualified domain names (FQDNs) when displaying them in pop-up window titles. The fix implemented in Safari 18.5 and macOS Sequoia 15.5 involves improved truncation logic to prevent malicious websites from crafting…

Overview CVE-2025-31248 describes a critical security vulnerability affecting macOS. This issue stems from a parsing flaw in the handling of directory paths, which, if exploited, could allow a malicious application to bypass security restrictions and access sensitive user data. Apple has addressed this vulnerability with improved path validation in the following updates: macOS Ventura 13.7.3, macOS Sequoia 15.5, and macOS Sonoma 14.7.3. Users are strongly advised to update their systems to these versions to mitigate the risk. Technical Details The vulnerability lies in the way macOS parses and validates directory paths. A malformed or carefully crafted path could potentially trick…

Overview CVE-2025-31216 is a security vulnerability affecting iOS and iPadOS devices. It allows an attacker with physical access to a device to potentially override managed Wi-Fi profiles. This vulnerability has been addressed in the latest security updates released by Apple. Technical Details The vulnerability arises from insufficient checks performed by the operating system when handling Wi-Fi profile configurations. An individual with physical access to a vulnerable device could potentially exploit this flaw to modify or replace existing managed Wi-Fi profiles. This could lead to the device connecting to unintended networks, potentially exposing sensitive data or allowing for man-in-the-middle attacks. The…

Overview CVE-2025-11935 describes a potential vulnerability related to the implementation of TLS 1.3 pre-shared keys (PSK) that could lead to a bypass of Perfect Forward Secrecy (PFS). Specifically, a malicious or faulty server could potentially ignore a client’s request for PFS when using PSK, and the client would continue the connection without PFS. This happens if the server responds to a ClientHello containing `psk_dhe_ke` without a `key_share` extension. Reusing an authenticated PSK connection without the expected PFS on the client side weakens the overall security of the connection, as past session keys could be compromised if the PSK is later…