Overview CVE-2025-64745 describes a Reflected Cross-Site Scripting (XSS) vulnerability affecting the Astro web framework. This vulnerability is present in the development server specifically when the trailingSlash configuration option is enabled. It affects Astro versions starting from 5.2.0 up to, but not including, version 5.15.6. A malicious actor can craft a URL to inject arbitrary JavaScript code, which will then execute within the browser context of a developer using the development server. While this vulnerability is limited to the development server and does not impact production builds, it poses a risk to developer environments. Attackers might exploit this via social engineering…

Overview CVE-2025-64744 describes a low-severity Cross-Site Scripting (XSS) vulnerability found in OpenObserve, a cloud-native observability platform. Specifically, versions up to and including 0.16.1 are affected. The vulnerability arises when an organization is created or renamed using HTML markup within the organization name. This markup is then rendered inside the invitation email sent to new users, potentially leading to malicious code execution within the recipient’s email client, depending on email client capabilities and configuration. Technical Details The vulnerability stems from the lack of proper HTML escaping when handling the organization name during the invitation email generation process. User-controlled input (the organization…

Published: 2025-11-13T21:15:49.833 Overview This blog post provides an overview of CVE-2025-4619, a denial-of-service (DoS) vulnerability affecting Palo Alto Networks PAN-OS software. This vulnerability allows an unauthenticated attacker to remotely trigger a firewall reboot by sending a specially crafted packet through the dataplane. Repeated exploitation of this vulnerability can force the firewall into maintenance mode, disrupting network services. Technical Details CVE-2025-4619 is triggered by a malformed packet traversing the PAN-OS dataplane. The specific details of the packet structure are not publicly available to prevent widespread exploitation. However, it is known that a successful exploit results in an unexpected system error that…

Overview CVE-2025-47222 describes an Incorrect Access Control vulnerability found in Keyfactor SignServer versions prior to 7.3.1. This is issue 3 of 3 vulnerabilities identified in this timeframe. While the severity and CVSS score are currently unavailable, understanding and addressing this vulnerability is crucial for maintaining the security and integrity of your SignServer environment. Technical Details The specific technical details of CVE-2025-47222 are currently limited. However, the “Incorrect Access Control” designation suggests that the vulnerability allows unauthorized users or processes to access or modify resources or functionalities within Keyfactor SignServer. The exact mechanisms by which this occurs require further investigation but…

Overview CVE-2025-47221 identifies an Incorrect Access Control vulnerability present in Keyfactor SignServer versions prior to 7.3.1. This is issue 2 of a reported series of security concerns. While the specific details are still under investigation, the potential implications of such a vulnerability could be significant, especially within environments relying on SignServer for critical code signing and document signing processes. Technical Details The vulnerability stems from inadequate access control mechanisms within Keyfactor SignServer. Specifically, the issue resides in the authorization logic that governs user or process access to certain functionalities or data. An attacker could potentially leverage this flaw to bypass…

Overview CVE-2025-47220 describes an Incorrect Access Control vulnerability found in Keyfactor SignServer versions prior to 7.3.1. This is issue 1 of 3 reported in this release. While the severity and CVSS score are currently listed as N/A, it’s crucial to understand the potential implications and take appropriate mitigation steps. Technical Details The specifics of the Incorrect Access Control vulnerability are detailed in the Keyfactor release notes. Insufficient access control mechanisms within SignServer before version 7.3.1 could potentially allow unauthorized users or processes to perform actions they shouldn’t be permitted to. The exact attack vectors and impacted functionalities depend on the…

Overview A critical Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2025-64709, has been discovered in Typebot, an open-source chatbot builder. This flaw, present in versions prior to 3.13.1, allows authenticated users to potentially compromise an entire AWS infrastructure by exploiting the webhook block (HTTP Request component) to access the AWS Instance Metadata Service (IMDS). Technical Details The vulnerability resides within the HTTP Request functionality of Typebot’s webhook block. An authenticated user can craft malicious requests that are executed by the Typebot server. Specifically, the vulnerability allows for the injection of custom headers, which can be used to bypass IMDSv2 protections.…

Overview CVE-2025-60702 is a critical command injection vulnerability affecting TOTOLINK A950RG routers running firmware version V5.9c.4592_B20191022_ALL. This flaw allows unauthenticated remote attackers to execute arbitrary commands on the affected device. This is achieved by injecting malicious code into the `ipDoamin` parameter of the `setDiagnosisCfg` function, which is then executed by the router’s operating system. Due to the lack of input sanitization, the attacker can bypass security measures and gain full control of the router. Technical Details The vulnerability resides in the `system.so` binary of the router’s firmware. Specifically, the `setDiagnosisCfg` function is vulnerable. This function retrieves the `ipDoamin` parameter from…

Overview A critical buffer overflow vulnerability, identified as CVE-2025-60699, has been discovered in the TOTOLINK A950RG Router firmware version V5.9c.4592_B20191022_ALL. This flaw allows an unauthenticated remote attacker to potentially execute arbitrary code on the affected device. The vulnerability resides within the `global.so` binary, specifically in the `getSaveConfig` function. Technical Details The vulnerability stems from the use of `strcpy()` within the `getSaveConfig` function. This function retrieves the `http_host` parameter from user input using `websGetVar`. Critically, `strcpy()` copies this `http_host` parameter into a fixed-size stack buffer (`v13`) *without* performing any length checks. By sending an HTTP request with an `http_host` value exceeding…

Overview A critical stack buffer overflow vulnerability, identified as CVE-2025-60679, has been discovered in the D-Link DIR-816A2 router. This vulnerability affects the firmware version DIR-816A2_FWv1.10CNB05_R1B011D88210.img and resides within the upload.cgi module, which handles firmware version information. Successfully exploiting this vulnerability could allow a remote attacker to execute arbitrary code on the affected device. Technical Details The vulnerability stems from insufficient input validation within the upload.cgi module when processing firmware version information. Specifically, the content of /proc/version is read into a 512-byte buffer. This content is then concatenated using sprintf() into another 512-byte buffer, which already contains a 29-byte constant string.…