  • Cybersecurity Vulnerabilities

    CVE-2025-64443: Secure Your MCP Gateway – DNS Rebinding Vulnerability Explained

    Overview: This article provides a detailed analysis of CVE-2025-64443, a DNS rebinding vulnerability found in MCP Gateway versions 0.27.0 and earlier. MCP Gateway is designed to allow easy and secure running and deployment of MCP servers. This vulnerability can be exploited when MCP Gateway is running in SSE or streaming transport mode, potentially allowing attackers to manipulate MCP servers behind the gateway. It’s crucial to understand the risks and take necessary steps to mitigate this vulnerability.

    Technical Details: CVE-2025-64443 stems from a DNS rebinding flaw within MCP Gateway’s SSE and streaming transport modes. When configured to use these modes, MCP…

  • Cybersecurity Vulnerabilities

    CVE-2025-66431: Critical Vulnerability Allows Root Code Execution in Plesk

    Overview: A high-severity vulnerability, identified as CVE-2025-66431, has been discovered in WebPros Plesk. This vulnerability allows remote authenticated users to execute arbitrary code as root on Linux systems. The vulnerability affects Plesk versions before 18.0.73.5 and 18.0.74 before 18.0.74.2.

    Technical Details: The vulnerability resides in the domain creation mechanism within Plesk. An attacker with the necessary permissions (“Create and manage sites” along with “Domains management” and “Subdomains management”) can exploit this flaw. By manipulating the domain creation process, the attacker can inject and execute malicious code with root privileges. This is a critical issue as it allows complete control over…

  • Cybersecurity Vulnerabilities

    CVE-2025-65843: Critical File Handling Vulnerability Exposes Aquarius Desktop macOS Users

    Overview: CVE-2025-65843 identifies a high-severity insecure file handling vulnerability affecting Aquarius Desktop version 3.0.069 for macOS. This flaw stems from how the application generates support data archives, specifically in its handling of symbolic links within the user’s log directory. A local attacker can exploit this vulnerability to potentially read or modify arbitrary files on the system, especially when chained with other vulnerabilities like privilege escalation issues.

    Technical Details: Aquarius Desktop’s support data archive generation feature recursively enumerates logs located in ~/Library/Logs/Aquarius. The application utilizes a JUCE directory iterator configured to follow symbolic links. Critically, the application fails to validate whether…

  • Cybersecurity Vulnerabilities

    Aquarius HelperTool macOS Vulnerability: Escalating to Root (CVE-2025-65842)

    Overview: CVE-2025-65842 details a significant local privilege escalation vulnerability found within the Aquarius HelperTool (version 1.0.003) on macOS. This flaw allows a local attacker to gain root privileges on the system. The vulnerability stems from insecure handling of XPC connections and improper authorization checks within the HelperTool’s privileged XPC service.

    Technical Details: The Aquarius HelperTool utilizes an XPC service to perform privileged operations. The core of the vulnerability lies in the following: Unvalidated XPC Connections: The service accepts XPC connections from any local process without properly validating the client’s identity. This means any application running on the system can initiate…

  • Cybersecurity Vulnerabilities

    Critical Vulnerability in Aquarius Desktop: Account Takeover via Weak Encryption (CVE-2025-65841)

    Overview: CVE-2025-65841 describes a critical vulnerability found in Aquarius Desktop version 3.0.069 for macOS. This vulnerability allows for potential account takeover due to the insecure storage of user authentication credentials. The application employs a weak obfuscation scheme that can be easily reversed, enabling attackers to recover plaintext passwords.

    Technical Details: Aquarius Desktop 3.0.069 stores user credentials within the ~/Library/Application Support/Aquarius/aquarius.settings file. The password “encryption” is implemented through a simple and predictable byte-substitution algorithm. This rudimentary obfuscation is easily bypassed, allowing an attacker with access to the aquarius.settings file to recover the user’s plaintext password with minimal effort. The specific weakness…

  • Cybersecurity Vulnerabilities

    CVE-2025-62686: Critical Security Flaw in Plugin Alliance Installation Manager Exposes macOS Users

    Overview: CVE-2025-62686 describes a local privilege escalation vulnerability found in the Plugin Alliance InstallationHelper service, which is bundled with Plugin Alliance Installation Manager version 1.4.0 on macOS. This vulnerability allows a malicious local user to potentially gain elevated privileges on the system.

    Technical Details: The root cause of this vulnerability lies in the lack of proper security hardening of the InstallationHelper service. Specifically: Missing Hardened Runtime: The InstallationHelper service lacks a hardened runtime, which would provide additional security protections against code injection and other attacks. Absence of __RESTRICT Segment: The absence of a __RESTRICT segment in the binary allows for…

  • Cybersecurity Vulnerabilities

    CVE-2025-55076: Unveiling a Root Privilege Escalation in Plugin Alliance Installation Manager

    Overview: CVE-2025-55076 is a local privilege escalation vulnerability affecting the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. This flaw allows a malicious local user to potentially gain root privileges on the affected system. The vulnerability stems from the service’s acceptance of unauthenticated XPC connections and the subsequent execution of user-supplied input via the system() call.

    Technical Details: The Plugin Alliance Installation Manager utilizes the InstallationHelper service to perform tasks requiring elevated privileges. However, version 1.4.0 of this service is vulnerable due to the following: Unauthenticated XPC Connections: The InstallationHelper service accepts XPC (Inter-Process Communication) connections without…

  • Cybersecurity Vulnerabilities

    Exynos Camera Nightmare: CVE-2025-54326 Exposes Samsung Devices to Denial-of-Service Attacks

    Overview: CVE-2025-54326 describes a denial-of-service vulnerability affecting the camera driver within Samsung Mobile Processor Exynos 1280 and 2200. This vulnerability arises from the unnecessary registration of a hardware IP address within the camera device driver, which can lead to a NULL pointer dereference. Exploitation of this flaw can result in a denial of service, potentially rendering the camera functionality unusable.

    Technical Details: The root cause of CVE-2025-54326 lies in how the Camera device driver manages hardware IP address registration. Specifically, under certain conditions, the driver attempts to register an IP address that is not properly initialized. When the driver subsequently…

  • Cybersecurity Vulnerabilities

    Critical Vulnerability in GZDoom: CVE-2025-54065 Allows Arbitrary Code Execution

    Overview: CVE-2025-54065 is a high-severity vulnerability affecting GZDoom, a popular feature-centric port for all Doom engine games. This vulnerability, reported on December 3rd, 2025, stems from insecure handling of ZScript actor states and can lead to arbitrary code execution on affected systems. Exploitation of this vulnerability allows attackers to gain complete control over the system running GZDoom.

    Technical Details: The vulnerability lies within GZDoom’s ZScript scripting engine, specifically how actor states are handled. Versions 4.14.2 and earlier are vulnerable. The issue arises because ZScript actor state handling allows scripts to perform the following malicious actions: Read arbitrary memory addresses. Write…

  • Cybersecurity Vulnerabilities

    CVE-2025-53965: Critical Vulnerability Uncovered in Samsung Exynos Processors

    Overview: CVE-2025-53965 is a security vulnerability discovered in a range of Samsung Exynos processors and modems. This flaw affects devices utilizing Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The vulnerability lies in the handling of SOR (Samsung Object Runtime) transparent containers, specifically a lack of proper bounds checking during the decoding process. This can potentially lead to a fatal error and impact device stability.

    Technical Details: The core of the issue resides within the function responsible for decoding SOR transparent containers. Insufficient bounds checking…