Overview A critical vulnerability, identified as CVE-2025-33201, has been discovered in the NVIDIA Triton Inference Server. This vulnerability allows an attacker to potentially trigger a denial-of-service (DoS) condition by sending excessively large payloads to the server. This could disrupt service availability and impact applications relying on the inference server. Technical Details CVE-2025-33201 stems from an improper check for unusual or exceptional conditions when processing incoming requests. An attacker can exploit this flaw by sending a carefully crafted, extremely large payload to the Triton Inference Server. This oversized payload can overwhelm the server’s resources, leading to a crash or unresponsiveness, effectively…
-
-
Overview CVE-2025-13992 is a security vulnerability discovered in Google Chrome’s Navigation and Loading mechanisms, affecting versions prior to 139.0.7258.66. It allows a remote attacker to potentially bypass Chrome’s site isolation, the mechanism that keeps pages from different sites in separate renderer processes so that a malicious website cannot read data belonging to other websites open in the same browser. The vulnerability stems from a side-channel information leak reachable via a crafted HTML page. Technical Details The vulnerability is categorized as a side-channel information leakage issue within Chrome’s navigation and loading processes. While the exact mechanism is detailed in the Chromium bug report (referenced below),…
-
Overview CVE-2025-12819 is a high-severity vulnerability affecting PgBouncer versions prior to 1.25.0. It allows an unauthenticated attacker to execute arbitrary SQL during the authentication process. The flaw is an untrusted search path in the `auth_query` connection handler: the attacker supplies a malicious `search_path` parameter in the StartupMessage, which is sent before any credentials are checked. This can lead to complete database compromise. Technical Details The vulnerability lies in how PgBouncer handles the `search_path` parameter during the initial connection handshake. When `auth_query` is configured, PgBouncer locates and executes the authentication query with the client-provided `search_path` in effect, so any unqualified object name in that query is resolved through schemas the attacker chooses. By crafting a malicious `search_path` that points…
-
Overview CVE-2025-12084 describes a potential denial-of-service (DoS) vulnerability in Python’s xml.dom.minidom module. The vulnerability arises when constructing deeply nested XML documents with methods like appendChild(). The internal routine that manages element IDs, _clear_id_cache(), has quadratic complexity: the time required to build the structure grows with the square of the nesting depth. This leads to severe slowdown and can stall the application (a CPU-exhaustion denial of service rather than a crash) when it builds extremely nested documents from untrusted input. Technical Details The root cause of this vulnerability lies in the implementation of the internal _clear_id_cache() function, which is invoked when adding new…
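The following script is an added illustration, not code from CPython or from the advisory: it builds a nested document the way the entry describes (one appendChild() per level), reports how build time scales when the depth doubles, and shows the kind of depth limit an application would impose before shaping a DOM from untrusted input. The max_depth parameter is an assumed application-side guard and not part of the standard library.

```python
import time
import xml.dom.minidom as minidom


def build_nested(depth, max_depth=None):
    """Build <n><n>...</n></n> `depth` levels deep, one appendChild() per level.

    Every appendChild() on an attached node calls _clear_id_cache(), which
    walks the node's ancestors to find the owning document before clearing
    its ID cache. Done once per level, that walk makes the whole build
    quadratic in depth on affected versions.
    max_depth is an assumed application-side limit (not a stdlib feature).
    """
    if max_depth is not None and depth > max_depth:
        raise ValueError(f"nesting depth {depth} exceeds limit {max_depth}")
    doc = minidom.Document()
    parent = doc
    for _ in range(depth):
        child = doc.createElement("n")
        parent.appendChild(child)
        parent = child
    return doc


def nesting_depth(doc):
    """Count the single chain of elements under the document (check helper)."""
    depth, node = 0, doc.documentElement
    while node is not None:
        depth += 1
        node = node.firstChild
    return depth


def build_time(depth):
    """Wall-clock seconds to build a document `depth` levels deep."""
    start = time.perf_counter()
    build_nested(depth)
    return time.perf_counter() - start


def growth_ratio(depth):
    """build_time(2*depth) / build_time(depth): about 4 when the cost is
    quadratic, about 2 once it is linear (as on a patched interpreter)."""
    return build_time(2 * depth) / build_time(depth)


if __name__ == "__main__":
    print(f"growth ratio when doubling depth 2000 -> 4000: {growth_ratio(2000):.1f}")
```

Run the script on an affected interpreter and the printed ratio sits near 4; the guard in build_nested is the practical mitigation when the nesting depth is attacker-controlled, since a pure time limit only turns the stall into a timeout.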
-
Overview CVE-2024-3884 is a high-severity vulnerability affecting Undertow, a flexible, performant web server written in Java. It can be exploited by unauthenticated remote attackers to trigger a Denial of Service (DoS). The vulnerability stems from how Undertow parses large form data encoded with the `application/x-www-form-urlencoded` content type: the `FormEncodedDataDefinition.doParse(StreamSourceChannel)` method buffers the body without a bound and throws an OutOfMemoryError when the form data is large enough, effectively crashing the server. Technical Details The vulnerability resides within the `FormEncodedDataDefinition.doParse(StreamSourceChannel)` method in Undertow. When a server using Undertow receives a request with the `application/x-www-form-urlencoded` content type, this method is invoked to parse…
-
Overview This article provides a detailed analysis of CVE-2025-64763, a vulnerability in the Envoy proxy affecting versions 1.33.12, 1.34.10, 1.35.6, 1.36.2 and earlier. It can lead to CONNECT tunnel desynchronization when Envoy is configured as a TCP proxy handling CONNECT requests, because Envoy accepts client data before it has received a 2xx response from the upstream. Technical Details The vulnerability stems from Envoy’s handling of CONNECT requests in TCP proxy mode. When Envoy receives a CONNECT request, it forwards the request to the upstream server. Crucially, it also accepts and forwards client data…
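The toy model below is an added illustration of the desynchronization described above; it is not Envoy code and models nothing of Envoy's implementation beyond the one behaviour the entry names. A constructed client pipelines an HTTP request behind its CONNECT without waiting for a reply. A proxy that relays those bytes before the upstream has answered the CONNECT hands the upstream a second request it never authorised; a proxy that buffers them until a 2xx arrives, and discards them otherwise, does not. The upstream, proxy and byte strings are all assumed for the example.

```python
HEADER_END = b"\r\n\r\n"

# Constructed sample: a client that sends bytes behind its CONNECT instead of
# waiting for the proxy's 2xx. The GET is the request it hopes to smuggle.
CLIENT_STREAM = (
    b"CONNECT backend.internal:443 HTTP/1.1\r\nHost: backend.internal:443\r\n\r\n"
    b"GET /internal/debug HTTP/1.1\r\nHost: backend.internal\r\n\r\n"
)


def split_head(stream):
    """Split off the first HTTP/1 message head; (None, stream) if incomplete."""
    idx = stream.find(HEADER_END)
    if idx < 0:
        return None, stream
    cut = idx + len(HEADER_END)
    return stream[:cut], stream[cut:]


class ToyUpstream:
    """Toy HTTP/1 origin (assumed for the example). It grants CONNECT only to
    allowed targets. After a refused CONNECT it keeps parsing the connection
    as HTTP, which is what makes early client bytes dangerous; after a granted
    CONNECT every further byte is opaque tunnel payload."""

    def __init__(self, allowed_targets=()):
        self.allowed_targets = set(allowed_targets)
        self.requests_seen = []
        self.tunnel_bytes = b""
        self.tunnelled = False

    def handle(self, stream):
        responses = []
        while stream:
            if self.tunnelled:
                self.tunnel_bytes += stream
                break
            head, stream = split_head(stream)
            if head is None:
                break
            parts = head.split(b"\r\n", 1)[0].decode().split(" ")
            if len(parts) < 2:
                break
            method, target = parts[0], parts[1]
            self.requests_seen.append(f"{method} {target}")
            if method != "CONNECT":
                responses.append("200 OK")
            elif target in self.allowed_targets:
                self.tunnelled = True
                responses.append("200 Connection Established")
            else:
                responses.append("403 Forbidden")
        return responses


def proxy_connect(client_stream, upstream, forward_early_data):
    """Toy TCP-proxy handling of one CONNECT.
    forward_early_data=True: bytes received before the upstream's verdict are
    relayed as if the tunnel already existed (the behaviour the entry describes).
    forward_early_data=False: they are buffered and released only after a 2xx."""
    connect_head, early = split_head(client_stream)
    if connect_head is None:
        return ["400 Bad Request"]
    if forward_early_data:
        return upstream.handle(connect_head + early)
    responses = upstream.handle(connect_head)
    if not responses or not responses[0].startswith("2"):
        return responses or ["502 Bad Gateway"]  # refused: buffered bytes are dropped
    upstream.handle(early)                         # tunnel up: payload is opaque
    return responses
```

With forward_early_data=True the upstream's request log shows both the refused CONNECT and the smuggled GET, which the proxy never saw as a request of its own; with forward_early_data=False the log stops at the CONNECT.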
-
Overview CVE-2025-64527 is a medium-severity vulnerability affecting Envoy, a high-performance edge/middle/service proxy. It can lead to a denial-of-service (DoS) condition, causing Envoy to crash under specific circumstances related to JWT (JSON Web Token) authentication. Technical Details The vulnerability occurs when JWT authentication is configured with remote JWKS (JSON Web Key Set) fetching and the allow_missing_or_failed option is enabled. The issue arises when multiple JWT tokens are present in the request headers and the JWKS fetch for the first token fails. This failure triggers a re-entry bug in the JwksFetcherImpl. Specifically, when the initial JWKS fetch fails, the onJwksError()…
-
Overview This article provides a detailed analysis of CVE-2025-64443, a DNS rebinding vulnerability found in MCP Gateway versions 0.27.0 and earlier. MCP Gateway is designed to make running and deploying MCP servers easy and secure. The vulnerability can be exploited when MCP Gateway is running in SSE or streaming transport mode: a web page visited by the victim can make an attacker-controlled domain resolve to the local host, so that requests the page issues to its own origin reach the gateway and can be used to manipulate the MCP servers behind it. Technical Details CVE-2025-64443 stems from a DNS rebinding flaw within MCP Gateway’s SSE and streaming transport modes. When configured to use these modes, MCP…
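A DNS rebinding attack cannot forge the Host header (the browser fills it with the attacker's domain) or the Origin header a browser attaches to cross-site fetches, so checking both against the names a local listener is actually reachable under is the standard defence. The check below is an added example written for this entry, not MCP Gateway's own code or fix; the allowlist, the header layout and the sample requests are assumptions constructed for the illustration.

```python
from urllib.parse import urlsplit

# Assumed deployment: the gateway listens only on loopback, so these are the only
# names a legitimate client could have used to reach it.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "::1"}


def host_name(host_header):
    """Hostname from a Host header value: lower-cased, port removed, IPv6
    brackets removed, trailing dot removed. Returns None for malformed values."""
    value = host_header.strip().lower()
    if value.startswith("["):
        end = value.find("]")
        return value[1:end] if end > 1 else None
    name = value.rsplit(":", 1)[0] if ":" in value else value
    return name.rstrip(".") or None


def origin_name(origin_header):
    """Hostname from an Origin header; 'null' or junk yields None."""
    return urlsplit(origin_header.strip()).hostname


def is_trusted_request(headers):
    """Accept only requests whose Host, and Origin when a browser sent one,
    name a host in ALLOWED_HOSTS. headers: dict keyed by lower-case names."""
    host = headers.get("host")
    if host is None or host_name(host) not in ALLOWED_HOSTS:
        return False
    origin = headers.get("origin")
    if origin is not None and origin_name(origin) not in ALLOWED_HOSTS:
        return False
    return True


# Constructed sample requests to an SSE endpoint on port 4444 (assumed port).
LEGIT_CLI = {"host": "localhost:4444", "accept": "text/event-stream"}
LEGIT_BROWSER = {"host": "[::1]:4444", "origin": "http://[::1]:4444"}
# After rebinding, attacker.example resolves to 127.0.0.1, but the browser still
# sends the attacker's name in Host and Origin, which is what the check catches.
REBOUND = {"host": "attacker.example:4444", "origin": "http://attacker.example",
           "accept": "text/event-stream"}
```

The Host check alone stops rebinding from non-browser contexts as well; the Origin check additionally rejects a page on another origin that somehow learned a valid Host value, and binding the listener to loopback remains the first line of defence.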
-
Overview A high-severity vulnerability, identified as CVE-2025-66431, has been discovered in WebPros Plesk. It allows remote authenticated users to execute arbitrary code as root on Linux systems and affects Plesk versions before 18.0.73.5 and 18.0.74 before 18.0.74.2. Technical Details The vulnerability resides in the domain creation mechanism within Plesk. An attacker holding the “Create and manage sites”, “Domains management” and “Subdomains management” permissions can exploit this flaw. By manipulating the domain creation process, the attacker can inject and execute malicious code with root privileges. This is a critical issue as it allows complete control over…
-
Overview CVE-2025-65843 identifies a high-severity insecure file handling vulnerability affecting Aquarius Desktop version 3.0.069 for macOS. The flaw lies in how the application generates support data archives, specifically in its handling of symbolic links within the user’s log directory. A local attacker can exploit it to read or modify arbitrary files on the system, especially when chained with a privilege-escalation issue. Technical Details Aquarius Desktop’s support data archive generation feature recursively enumerates logs located in ~/Library/Logs/Aquarius. The application uses a JUCE directory iterator configured to follow symbolic links. Critically, the application fails to validate whether…
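The hardened enumeration below is an added example of how a support-bundle collector avoids the symlink problem described in this entry; it is not Aquarius Desktop or JUCE code, and the directory layout it builds is a constructed sample that merely mirrors the ~/Library/Logs/Aquarius path named above. It never follows a link while walking, checks each candidate with lstat rather than stat, confirms the resolved path is still inside the log root, and then opens files with O_NOFOLLOW so a link swapped in after the check is refused rather than followed.

```python
import os
import stat
import tempfile
from pathlib import Path


def collect_log_files(root):
    """Enumerate regular files under root without ever following a symlink.
    Returns (kept, skipped): paths accepted, and the names of entries refused
    because they were symlinks, special files, or resolved outside root."""
    root = Path(root).resolve(strict=True)
    kept, skipped = [], []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        # Prune symlinked directories so the walk never descends through them.
        linked = [d for d in dirnames if os.path.islink(os.path.join(dirpath, d))]
        skipped.extend(linked)
        dirnames[:] = [d for d in dirnames if d not in linked]
        for name in filenames:
            path = Path(dirpath) / name
            mode = os.lstat(path).st_mode          # lstat: inspect the link itself
            if stat.S_ISLNK(mode) or not stat.S_ISREG(mode):
                skipped.append(name)
                continue
            if not path.resolve().is_relative_to(root):
                skipped.append(name)               # e.g. a parent directory was a link
                continue
            kept.append(path)
    return kept, skipped


def read_log_nofollow(path):
    """Open with O_NOFOLLOW so a symlink placed between the check above and this
    read (a TOCTOU race) is refused instead of followed. Returns None if refused."""
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    except OSError:
        return None
    with os.fdopen(fd, "rb") as f:
        return f.read()


def make_demo_tree(base):
    """Constructed sample: a log directory laid out like ~/Library/Logs/Aquarius
    with two attacker-planted symlinks pointing outside it."""
    base = Path(base)
    logs = base / "Library" / "Logs" / "Aquarius"
    logs.mkdir(parents=True)
    outside = base / "outside"
    outside.mkdir()
    (outside / "token.txt").write_text("secret\n")
    (logs / "app.log").write_text("normal log line\n")
    os.symlink(outside / "token.txt", logs / "planted.log")  # file symlink
    os.symlink(outside, logs / "planted_dir")                # directory symlink
    return logs


def demo():
    """Build the sample tree in a temp dir and run both checks over it."""
    logs = make_demo_tree(tempfile.mkdtemp())
    kept, skipped = collect_log_files(logs)
    return {
        "kept": sorted(p.name for p in kept),
        "skipped": sorted(skipped),
        "app_log": read_log_nofollow(logs / "app.log"),
        "planted": read_log_nofollow(logs / "planted.log"),
    }


if __name__ == "__main__":
    print(demo())
```

A collector that only checks is_symlink() before opening is still racy on a directory the attacker can write to, which is why the final open carries O_NOFOLLOW; the same flag is what a native iterator should pass when it stats and opens each entry.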