  • Cybersecurity Vulnerabilities

    CVE-2025-66361: Logpoint Sensitive Data Exposure Under High CPU Load

    Overview: CVE-2025-66361 describes a vulnerability in Logpoint versions prior to 7.7.0. This vulnerability allows for the exposure of sensitive information within System Processes when the system experiences high CPU load. The exposure occurs because of how Logpoint handles data processing under stress, leading to potentially revealing sensitive data that should otherwise be protected.

    Technical Details: The root cause of CVE-2025-66361 lies in the way Logpoint manages system processes during periods of high CPU utilization. When the system is under heavy load, the normal mechanisms for securing and sanitizing process data appear to fail, leading to the unintentional inclusion of sensitive…

  • Cybersecurity Vulnerabilities

    CVE-2025-66360: Logpoint Redis Communication Exposure Leads to Privilege Escalation

    Overview: CVE-2025-66360 describes a vulnerability discovered in Logpoint versions prior to 7.7.0. This issue arises from an improperly configured access control policy, which allows users with li-admin privileges to access sensitive information related to Logpoint’s internal Redis service. This exposure can potentially be exploited to achieve privilege escalation within the Logpoint environment.

    Technical Details: The vulnerability stems from a lack of sufficient access control restrictions on the Redis service, which Logpoint uses internally for caching and inter-process communication. li-admin users, while intended to have administrative access to specific Logpoint functionalities, should not have access to the raw Redis data. The…

  • Cybersecurity Vulnerabilities

    Urgent: High-Severity XSS Flaw Exposes Logpoint Users (CVE-2025-66359)

    Overview: A critical Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-66359, has been discovered in Logpoint versions prior to 7.7.0. This vulnerability stems from insufficient input validation and a lack of proper output escaping in multiple Logpoint components. Successful exploitation could allow attackers to inject malicious scripts into the application, potentially leading to account compromise, data theft, and other malicious activities.

    Technical Details: The vulnerability arises from Logpoint’s failure to adequately sanitize user-supplied input before incorporating it into web pages. Specifically, multiple components within Logpoint are susceptible to accepting and displaying unsanitized data. This allows an attacker to inject arbitrary JavaScript…

  • Cybersecurity Vulnerabilities

    ThingsBoard Under Attack: Stored XSS Vulnerability (CVE-2025-3261) Requires Immediate Patching

    Overview: CVE-2025-3261 details a stored Cross-Site Scripting (XSS) vulnerability found in ThingsBoard, an open-source IoT platform. Specifically, versions prior to v4.2.1 are susceptible. This flaw allows an authenticated user to upload malicious SVG images through the “Image Gallery” feature. When these images are accessed, they can execute arbitrary JavaScript code within a user’s browser session.

    Technical Details: The vulnerability stems from insufficient input validation within the ImageController. When an SVG image is uploaded, the system fails to properly sanitize the file for potentially malicious JavaScript code embedded within the SVG markup. This allows an attacker to inject JavaScript that executes…

  • Cybersecurity Vulnerabilities

    Mattermost Alert: CVE-2025-12559 Exposes Team Email Addresses!

    Overview: CVE-2025-12559 is a Medium severity vulnerability affecting multiple versions of Mattermost. This vulnerability allows any authenticated user to view team email addresses that should be restricted to Team Administrators. The issue stems from a failure to properly sanitize team email addresses when accessed via the GET /api/v4/channels/{channel_id}/common_teams endpoint. This security flaw affects Mattermost versions 11.0.x

  • Cybersecurity Vulnerabilities

    CVE-2025-13765: Critical Email Credential Exposure in Devolutions Server

    Overview: CVE-2025-13765 describes a vulnerability in Devolutions Server that allows users without administrative privileges to access email service credentials. This exposure can lead to unauthorized access to sensitive email communications and potentially compromise other systems relying on those credentials. This issue affects Devolutions Server versions prior to 2025.2.21 and 2025.3.9. It is crucial to update affected instances to a patched version to remediate this vulnerability.

    Technical Details: The specific mechanism allowing unauthorized access is not explicitly detailed in the public advisory. However, the core issue revolves around insufficient access control mechanisms within Devolutions Server that permit non-administrative users to view…

  • Cybersecurity Vulnerabilities

    CVE-2025-13758: Uncovering Credential Exposure Vulnerability in Devolutions Server

    Overview: CVE-2025-13758 describes a vulnerability in Devolutions Server that can lead to the exposure of credentials through unintended requests. This issue affects versions up to and including 2025.2.20 and 2025.3.8. While the severity and CVSS score are currently listed as N/A, it is crucial to understand the potential impact and implement necessary mitigation steps to protect your Devolutions Server environment.

    Technical Details: The specific technical details of CVE-2025-13758 revolve around the possibility of the Devolutions Server handling requests in a way that inadvertently exposes sensitive credentials. Further investigation is required from Devolutions documentation or pentesting to confirm the exact mechanism.…

  • Cybersecurity Vulnerabilities

    CVE-2025-13757: Critical SQL Injection Flaw Exposes Devolutions Server Last Usage Logs

    Overview: CVE-2025-13757 describes a SQL Injection vulnerability discovered in the “last usage logs” functionality of Devolutions Server. This vulnerability affects versions up to and including 2025.2.20 and 2025.3.8. Successful exploitation of this flaw could allow an attacker to execute arbitrary SQL queries, potentially leading to data breaches, modification of sensitive information, or complete system compromise.

    Technical Details: The vulnerability resides within the last usage logs section of Devolutions Server. Improper sanitization of user-supplied input related to filtering or querying these logs allows an attacker to inject malicious SQL code. The exact parameter vulnerable to injection isn’t publicly specified beyond “last…

  • Cybersecurity Vulnerabilities

    Critical Mattermost Vulnerability: CVE-2025-12419 Allows Account Takeover via OAuth

    Overview: A critical security vulnerability, identified as CVE-2025-12419, has been discovered in Mattermost. This vulnerability affects multiple versions of Mattermost and could allow an attacker with team creation or admin privileges to take over any user account. The flaw lies in the improper validation of OAuth state tokens during OpenID Connect authentication. This blog post provides a detailed analysis of the vulnerability, its potential impact, and the necessary steps to mitigate the risk.

    Technical Details: CVE-2025-12419 stems from a flaw in the OAuth completion flow within Mattermost’s OpenID Connect (OIDC) implementation. Specifically, the application fails to adequately validate the state…