  • Cybersecurity Vulnerabilities

    Critical Vulnerability in IBM AIX and VIOS: CVE-2025-36096 Exposes NIM Private Keys

    Overview

    A critical vulnerability, identified as CVE-2025-36096, has been discovered in IBM AIX 7.2, 7.3, and IBM VIOS 3.1, 4.1. This flaw exposes Network Installation Management (NIM) private keys, which are stored insecurely. An attacker exploiting this vulnerability using man-in-the-middle techniques could gain unauthorized access to systems within the NIM environment.

    Technical Details

    The core issue lies in the way NIM private keys are handled within the affected versions of IBM AIX and VIOS. The private keys, essential for secure communication and authentication within the NIM infrastructure, are stored in a manner that makes them susceptible to interception during network…

  • Cybersecurity Vulnerabilities

    CVE-2025-13131: Sonarr Under Scrutiny for Incorrect Default Permissions

    Overview

    CVE-2025-13131 identifies a high-severity vulnerability in Sonarr version 4.0.15.2940. This vulnerability stems from incorrect default permissions resulting from manipulation of an unknown function within the Sonarr.Console.exe file, located at C:\ProgramData\Sonarr\bin\Sonarr.Console.exe. While the vendor acknowledges the vulnerability, they classify it as low severity due to the common practice of using the default service user. Exploitation requires local access.

    Technical Details

    The vulnerability resides within an unspecified function of the Sonarr.Console.exe executable. Exploitation involves manipulating this function in a way that causes Sonarr to configure incorrect default permissions. Due to the local access requirement, an attacker would need existing access to…

  • Cybersecurity Vulnerabilities

    CVE-2025-64746: Directus Field Deletion Vulnerability Grants Unintended Access

    Overview

    CVE-2025-64746 describes a medium severity vulnerability in Directus, a real-time API and App dashboard for managing SQL database content. Specifically, versions prior to 11.13.0 do not properly clean up field-level permissions when a field is deleted. This can lead to roles unintentionally gaining access to data they shouldn’t have.

    Technical Details

    When a field is removed from a collection in vulnerable versions of Directus, the reference to that field in the permissions table is not deleted. This “stale” reference remains. If a new field is later created using the same name as the deleted field, the new field inadvertently…

  • Cybersecurity Vulnerabilities

    CVE-2025-64745: Astro Development Server Vulnerable to Reflected XSS (Trailing Slash)

    Overview

    CVE-2025-64745 describes a Reflected Cross-Site Scripting (XSS) vulnerability affecting the Astro web framework. This vulnerability is present in the development server specifically when the trailingSlash configuration option is enabled. It affects Astro versions starting from 5.2.0 up to, but not including, version 5.15.6. A malicious actor can craft a URL to inject arbitrary JavaScript code, which will then execute within the browser context of a developer using the development server. While this vulnerability is limited to the development server and does not impact production builds, it poses a risk to developer environments. Attackers might exploit this via social engineering…

  • Cybersecurity Vulnerabilities

    CVE-2025-64744: OpenObserve Organization Name XSS Flaw Exposes Invitation Emails

    Overview

    CVE-2025-64744 describes a low-severity Cross-Site Scripting (XSS) vulnerability found in OpenObserve, a cloud-native observability platform. Specifically, versions up to and including 0.16.1 are affected. The vulnerability arises when an organization is created or renamed using HTML markup within the organization name. This markup is then rendered inside the invitation email sent to new users, potentially leading to malicious code execution within the recipient’s email client, depending on email client capabilities and configuration.

    Technical Details

    The vulnerability stems from the lack of proper HTML escaping when handling the organization name during the invitation email generation process. User-controlled input (the organization…

  • Cybersecurity Vulnerabilities

    CVE-2025-4619: Unauthenticated DoS Vulnerability in Palo Alto Networks PAN-OS

    Published: 2025-11-13T21:15:49.833

    Overview

    This blog post provides an overview of CVE-2025-4619, a denial-of-service (DoS) vulnerability affecting Palo Alto Networks PAN-OS software. This vulnerability allows an unauthenticated attacker to remotely trigger a firewall reboot by sending a specially crafted packet through the dataplane. Repeated exploitation of this vulnerability can force the firewall into maintenance mode, disrupting network services.

    Technical Details

    CVE-2025-4619 is triggered by a malformed packet traversing the PAN-OS dataplane. The specific details of the packet structure are not publicly available to prevent widespread exploitation. However, it is known that a successful exploit results in an unexpected system error that…

  • Cybersecurity Vulnerabilities

    Keyfactor SignServer Security Alert: Addressing CVE-2025-47222 Incorrect Access Control

    Overview

    CVE-2025-47222 describes an Incorrect Access Control vulnerability found in Keyfactor SignServer versions prior to 7.3.1. This is issue 3 of 3 vulnerabilities identified in this timeframe. While the severity and CVSS score are currently unavailable, understanding and addressing this vulnerability is crucial for maintaining the security and integrity of your SignServer environment.

    Technical Details

    The specific technical details of CVE-2025-47222 are currently limited. However, the “Incorrect Access Control” designation suggests that the vulnerability allows unauthorized users or processes to access or modify resources or functionalities within Keyfactor SignServer. The exact mechanisms by which this occurs require further investigation but…

  • Cybersecurity Vulnerabilities

    Keyfactor SignServer Under Scrutiny: Addressing CVE-2025-47221 Incorrect Access Control

    Overview

    CVE-2025-47221 identifies an Incorrect Access Control vulnerability present in Keyfactor SignServer versions prior to 7.3.1. This is issue 2 of a reported series of security concerns. While the specific details are still under investigation, the potential implications of such a vulnerability could be significant, especially within environments relying on SignServer for critical code signing and document signing processes.

    Technical Details

    The vulnerability stems from inadequate access control mechanisms within Keyfactor SignServer. Specifically, the issue resides in the authorization logic that governs user or process access to certain functionalities or data. An attacker could potentially leverage this flaw to bypass…

  • Cybersecurity Vulnerabilities

    CVE-2025-47220: Keyfactor SignServer Access Control Vulnerability Alert!

    Overview

    CVE-2025-47220 describes an Incorrect Access Control vulnerability found in Keyfactor SignServer versions prior to 7.3.1. This is issue 1 of 3 reported in this release. While the severity and CVSS score are currently listed as N/A, it’s crucial to understand the potential implications and take appropriate mitigation steps.

    Technical Details

    The specifics of the Incorrect Access Control vulnerability are detailed in the Keyfactor release notes. Insufficient access control mechanisms within SignServer before version 7.3.1 could potentially allow unauthorized users or processes to perform actions they shouldn’t be permitted to. The exact attack vectors and impacted functionalities depend on the…

  • Cybersecurity Vulnerabilities

    Typebot Under Attack: Critical SSRF Vulnerability Exposes AWS Infrastructure (CVE-2025-64709)

    Overview

    A critical Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2025-64709, has been discovered in Typebot, an open-source chatbot builder. This flaw, present in versions prior to 3.13.1, allows authenticated users to potentially compromise an entire AWS infrastructure by exploiting the webhook block (HTTP Request component) to access the AWS Instance Metadata Service (IMDS).

    Technical Details

    The vulnerability resides within the HTTP Request functionality of Typebot’s webhook block. An authenticated user can craft malicious requests that are executed by the Typebot server. Specifically, the vulnerability allows for the injection of custom headers, which can be used to bypass IMDSv2 protections…