Gowri Shankar

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.

CVE-2025-64996: Checkmk Vulnerability Exposes Monitoring Data via Insecure File Permissions

by

Overview This article discusses CVE-2025-64996, a vulnerability affecting Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older. This vulnerability stems from the mk_inotify plugin creating world-readable and writable files, potentially allowing local users to read and manipulate monitoring data. Technical Details The mk_inotify plugin is designed to monitor file system events … Read more

CVE-2025-63800: Open Source Point of Sale Vulnerability Lets You Blank Your Password!

by

Overview This article details CVE-2025-63800, a critical vulnerability discovered in Open Source Point of Sale (OSPOS) version 3.4.1. This flaw allows authenticated users to effectively disable their account authentication by setting their password to an empty string. Due to the lack of server-side validation, submitting an empty password during the password change process results in … Read more

CVE-2025-63604: Critical Code Injection Vulnerability in mcp-server-aws-resources-python 0.1.0

by

Published: 2025-11-18T16:15:46.060 Overview CVE-2025-63604 is a critical code injection vulnerability found in baryhuang/mcp-server-aws-resources-python version 0.1.0. This vulnerability allows for remote code execution due to insufficient input validation within the execute_query method. The exposure of dangerous Python built-in functions and the use of exec() to process user-supplied code make the application highly susceptible to malicious attacks. … Read more

Critical Command Injection Vulnerability in MCP Data Science Server (CVE-2025-63603)

by

Overview CVE-2025-63603 details a critical command injection vulnerability affecting the MCP Data Science Server (reading-plus-ai/mcp-server-data-exploration) version 0.1.6. This flaw resides in the safe_eval() function within the src/mcp_server_ds/server.py file. Due to improper sanitization and the use of Python’s exec() function without restricting access to built-in functions, an attacker can execute arbitrary code on the server. This … Read more

Critical Vulnerability in Awesome Miner: Kernel Privilege Escalation via Insecure WinRing0 (CVE-2025-63602)

by

Overview CVE-2025-63602 identifies a critical vulnerability in Awesome Miner, versions up to and including 11.2.4. This vulnerability allows an unprivileged user to achieve arbitrary read and write access to kernel memory and Model-Specific Registers (MSRs), including the LSTAR register. This is due to the presence of an outdated and insecure version of WinRing0 (specifically version … Read more

Critical Vulnerability in Local Agent DVR: CVE-2025-63408 Allows Unauthenticated Remote Code Execution

by

Overview CVE-2025-63408 identifies a critical security vulnerability affecting Local Agent DVR versions up to and including 6.6.1.0. This vulnerability is a directory traversal flaw that allows an unauthenticated, local attacker to gain unauthorized access to sensitive information, initiate server-side forgery requests (SSRF), and potentially execute arbitrary operating system commands on the affected system. Due to … Read more

Checkmk Alert: CVE-2025-58122 Exposes Notification Settings to Unauthorized Modification

by

Overview CVE-2025-58122 is a security vulnerability identified in Checkmk version 2.4.0 before version 2.4.0p16. This vulnerability stems from insufficient permission validation within the REST API, allowing low-privileged users to modify notification parameters. This unauthorized access can lead to a variety of security risks, including unauthorized actions and potential information disclosure. Technical Details The vulnerability lies … Read more

Critical Security Vulnerability: CVE-2025-58121 Impacts Checkmk REST API

by

Overview CVE-2025-58121 describes a critical security vulnerability found in Checkmk, a popular IT infrastructure monitoring solution. Specifically, the issue resides in the insufficient permission validation on multiple REST API endpoints within Checkmk versions 2.2.0, 2.3.0, and 2.4.0 (prior to version 2.4.0p16). This vulnerability allows low-privileged users to potentially perform unauthorized actions or gain access to … Read more

CVE-2025-55074: Unmasking Mattermost Agents Plugin’s Information Leak

by

Overview CVE-2025-55074 is a low-severity information disclosure vulnerability affecting the Agents plugin within Mattermost. Specifically, versions 10.11.x up to 10.11.3 and 10.5.x up to 10.5.11 are vulnerable. This flaw allows unauthorized users to determine when other users had read channels by observing channel member objects. While the information exposed is limited, it can still be … Read more

CVE-2025-12383: Critical SSL Configuration Vulnerability in Eclipse Jersey

by

Overview CVE-2025-12383 identifies a significant security vulnerability affecting Eclipse Jersey versions 2.45, 3.0.16, and 3.1.9. This vulnerability stems from a race condition that can potentially cause the application to ignore critical SSL configurations. This includes essential settings like mutual authentication, custom key/trust stores, and other security-related parameters. While the issue might manifest as an SSLHandshakeException … Read more