• Cybersecurity Vulnerabilities

    CVE-2025-9624: Critical DoS Vulnerability in OpenSearch – Update Now!

    Overview
    CVE-2025-9624 details a Denial of Service (DoS) vulnerability affecting OpenSearch. A remote attacker can trigger the DoS condition by sending specially crafted, complex query_string inputs to the OpenSearch server. Successful exploitation can render the OpenSearch service unavailable, impacting applications and services that rely on it. The vulnerability affects all OpenSearch versions prior to 3.2.0; upgrading to 3.2.0 or later is recommended.

    Technical Details
    The vulnerability stems from insufficient validation and processing of the query_string parameter within OpenSearch’s search API. Attackers can craft overly complex or deeply nested queries that consume excessive resources,…
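    While the upgrade to 3.2.0 is rolled out, an application that forwards user text into a query_string clause can budget its complexity on the way in. The following guard is an added illustration, not OpenSearch project code: it measures parenthesis nesting (ignoring quoted phrases and escaped characters) and counts Lucene operators, and refuses to build a query_string clause above hypothetical thresholds (the limits, the field name and the sample inputs are all my assumptions).

```python
import re

# Hypothetical budget for user-supplied query_string text; tune per deployment.
MAX_LENGTH = 1024
MAX_DEPTH = 5
MAX_OPERATORS = 32

# Lucene query_string operators: boolean keywords (upper-case only, as Lucene
# treats them) and the single-character required/prohibited/wildcard/fuzzy syntax.
_OPERATOR_RE = re.compile(r"\b(?:AND|OR|NOT)\b|[+\-|&!~*?]")


def query_string_complexity(q):
    """Return (max_paren_depth, operator_count) for a raw query_string.

    Parentheses inside double-quoted phrases and backslash-escaped characters
    are not grouping syntax, so they are skipped when measuring depth.
    """
    depth = max_depth = 0
    in_quotes = False
    escaped = False
    for ch in q:
        if escaped:
            escaped = False
            continue
        if ch == "\\":
            escaped = True
            continue
        if ch == '"':
            in_quotes = not in_quotes
            continue
        if in_quotes:
            continue
        if ch == "(":
            depth += 1
            max_depth = max(max_depth, depth)
        elif ch == ")":
            depth = max(depth - 1, 0)  # tolerate unbalanced input
    return max_depth, len(_OPERATOR_RE.findall(q))


def is_acceptable_query_string(q, max_length=MAX_LENGTH,
                               max_depth=MAX_DEPTH, max_ops=MAX_OPERATORS):
    """True when the text is within the size and complexity budget."""
    if len(q) > max_length:
        return False
    depth, ops = query_string_complexity(q)
    return depth <= max_depth and ops <= max_ops


def build_search_body(user_query, default_field="message"):
    """Build the JSON search body for the _search API, or raise ValueError
    before the text ever reaches the cluster's query parser."""
    if not is_acceptable_query_string(user_query):
        raise ValueError("query_string rejected: exceeds complexity budget")
    return {"query": {"query_string": {"query": user_query,
                                       "default_field": default_field}}}


if __name__ == "__main__":
    for q in ["title:(foo AND (bar OR baz))", "(" * 8 + "x" + ")" * 8]:
        try:
            print(build_search_body(q))
        except ValueError as e:
            print(q, "->", e)
```

    The guard is a heuristic, not a parser: it bounds the two properties the advisory names (nesting and clause count) cheaply in the application tier so that a malicious query never reaches the cluster. It does not replace the upgrade.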

  • Cybersecurity Vulnerabilities

    CVE-2025-66017: Critical Pre-signature Weakness Patched in CGGMP24 ECDSA TSS Protocol

    Overview
    CVE-2025-66017 identifies a significant vulnerability in the CGGMP24 ECDSA Threshold Signature Scheme (TSS) protocol, specifically affecting versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24. The vulnerability stems from the misuse of pre-signatures, which could substantially weaken the overall security of the system. The release of cggmp24 version 0.7.0-alpha.2 addresses this issue with API changes that prevent insecure use of pre-signatures.

    Technical Details
    CGGMP24 is a state-of-the-art ECDSA TSS protocol designed for 1-round signing (requiring 3 preprocessing rounds), identifiable abort, and key refresh capabilities. The vulnerability lies in how pre-signatures were handled in earlier versions. Specifically, pre-signatures,…

  • Cybersecurity Vulnerabilities

    Urgent Security Alert: CVE-2025-66016 Exposes CGGMP24 ECDSA TSS to Private Key Reconstruction

    Published: 2025-11-25T20:16:00.640

    Overview
    A significant security vulnerability, identified as CVE-2025-66016, has been discovered in CGGMP24, a state-of-the-art ECDSA Threshold Signature Scheme (TSS) protocol. This protocol supports 1-round signing (requiring 3 preprocessing rounds), identifiable abort, and a key refresh protocol. The vulnerability, present in versions prior to 0.6.3, allows a single malicious signer to potentially reconstruct the full private key due to a missing check in the Zero-Knowledge (ZK) proof.

    Technical Details
    The core issue lies in an insufficient validation within the ZK proof mechanism of the CGGMP24 protocol. Without proper verification, a malicious actor participating in the signing process can…

  • Cybersecurity Vulnerabilities

    CVE-2025-65965: Critical Grype Vulnerability Leaks Registry Credentials

    Overview
    A credential disclosure vulnerability, identified as CVE-2025-65965, has been discovered in Grype, a popular vulnerability scanner for container images and filesystems. This vulnerability affects versions 0.68.0 through 0.104.0. When using the --file or --output json=<file> options, Grype inadvertently includes registry credentials within the output file, potentially exposing sensitive information.

    Technical Details
    The vulnerability stems from improper sanitization of registry credentials when writing Grype’s output to a file. Specifically, if registry credentials are defined (e.g., via environment variables or configuration files), the credentials are included in plain text within the JSON output file created using the --file or --output json=<file>…
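    Reports written by an affected Grype version may already sit in CI artifact stores and ticketing systems, so a practitioner wants to find and redact leaked credentials before sharing such files. The script below is an added example, not Grype project code: it walks a report's JSON tree and redacts non-empty values under credential-like keys wherever they appear, recording where they were found. The sample report is constructed, and the placement of the scanner configuration under descriptor.configuration (with a registry.auth list of authority/username/password/token entries) is assumed from Grype's default configuration layout; the key list is my choice.

```python
import copy
import json

# Key names whose non-empty string values are treated as secrets. Compared
# case-insensitively with "_" and "-" treated as equivalent. My choice of list.
SENSITIVE_KEYS = {"password", "token", "secret", "tls-key", "authorization"}
REDACTED = "[REDACTED]"


def _is_sensitive(key):
    return key.lower().replace("_", "-") in SENSITIVE_KEYS


def scrub_secrets(node, path="$"):
    """Return (scrubbed_deep_copy, findings).

    findings lists JSONPath-like locations of non-empty strings stored under a
    sensitive key, anywhere in the tree, so the check does not depend on the
    exact layout of the report. Empty strings (unset fields) are not leaks.
    The input object is left unmodified.
    """
    findings = []

    def walk(n, p):
        if isinstance(n, dict):
            for k, v in n.items():
                child = f"{p}.{k}"
                if _is_sensitive(k) and isinstance(v, str) and v != "":
                    findings.append(child)
                    n[k] = REDACTED
                else:
                    walk(v, child)
        elif isinstance(n, list):
            for i, v in enumerate(n):
                walk(v, f"{p}[{i}]")

    clean = copy.deepcopy(node)
    walk(clean, path)
    return clean, findings


def scrub_grype_report(text):
    """Parse a JSON report, scrub it, and return (clean JSON text, findings)."""
    clean, findings = scrub_secrets(json.loads(text))
    return json.dumps(clean, indent=2), findings


# Constructed sample resembling a report from an affected version; the
# credential and image names are invented.
SAMPLE_REPORT_DICT = {
    "matches": [
        {"vulnerability": {"id": "CVE-0000-0000", "severity": "Low"},
         "artifact": {"name": "libexample", "version": "1.0"}}
    ],
    "source": {"type": "image", "target": {"userInput": "registry.example.internal/app:1.0"}},
    "descriptor": {
        "name": "grype",
        "version": "0.100.0",
        "configuration": {
            "registry": {
                "auth": [
                    {"authority": "registry.example.internal",
                     "username": "ci-bot",
                     "password": "hunter2-ci",
                     "token": ""}
                ]
            }
        },
    },
}
SAMPLE_REPORT = json.dumps(SAMPLE_REPORT_DICT)

if __name__ == "__main__":
    clean_text, found = scrub_grype_report(SAMPLE_REPORT)
    print("leaked credential fields:", found)
    print(clean_text)
```

    Run it over every archived report before the file leaves a trusted boundary, and treat any non-empty finding as a signal that the credential itself should be rotated, since redacting the file does not undo earlier exposure. Usernames are deliberately kept so the report still shows which registry identity was used.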

  • Cybersecurity Vulnerabilities

    CVE-2025-65647: Unveiling an IDOR Vulnerability in PHPGURUKUL Online Shopping Portal 2.1

    Overview
    CVE-2025-65647 describes an Insecure Direct Object Reference (IDOR) vulnerability found in the Track order function of PHPGURUKUL Online Shopping Portal version 2.1. This vulnerability allows an attacker to potentially access sensitive order information belonging to other users by manipulating the `oid` parameter in the track order functionality. This can lead to unauthorized information disclosure, posing a significant risk to user privacy and security.

    Technical Details
    The vulnerability lies in how the application handles the `oid` (order ID) parameter within the order tracking feature. The application fails to properly validate and authorize whether the user requesting the order information is…

  • Cybersecurity Vulnerabilities

    CVE-2025-51742: Critical Fastjson Deserialization Vulnerability Exposes JSH_ERP to Remote Code Execution

    Overview
    CVE-2025-51742 details a critical vulnerability found in jishenghua JSH_ERP version 2.3.1. This vulnerability stems from improper handling of user-supplied input within the /material/getMaterialEnableSerialNumberList endpoint. Specifically, the application passes the search query parameter directly to the parseObject() method of the Fastjson library without adequate sanitization. This can be exploited to achieve Remote Code Execution (RCE) by crafting malicious JDBC payloads.

    Technical Details
    The root cause of this vulnerability lies in the insecure use of Fastjson’s deserialization capabilities. Fastjson, by default, supports deserializing Java objects from JSON strings. When uncontrolled user input is fed directly into parseObject(), an attacker can inject…

  • Cybersecurity Vulnerabilities

    CVE-2025-12816: Node-Forge ASN.1 Vulnerability – Understanding the Interpretation Conflict

    Overview
    CVE-2025-12816 describes an interpretation-conflict vulnerability (CWE-436) affecting node-forge versions 1.3.1 and earlier. This vulnerability allows unauthenticated attackers to craft specific ASN.1 structures that can desynchronize schema validations. This desynchronization can lead to semantic divergence, potentially bypassing crucial downstream cryptographic verifications and security decisions. Essentially, the vulnerability allows an attacker to create data that is interpreted differently by different parts of the system, leading to security compromises.

    Technical Details
    The vulnerability stems from inconsistencies in how node-forge parses and validates ASN.1 (Abstract Syntax Notation One) structures. ASN.1 is a standard and notation describing rules and structures for representing, encoding, transmitting,…

  • Cybersecurity Vulnerabilities

    CVE-2025-65961: Low-Severity Template Injection Flaw Discovered in Contao CMS

    Overview
    A cross-site scripting (XSS) vulnerability, identified as CVE-2025-65961, has been discovered in the Contao Open Source CMS. This vulnerability allows an attacker to inject malicious code into template outputs, which is then executed in the browser of both front-end and back-end users. The vulnerability affects Contao versions prior to 4.13.57, 5.3.42, and 5.6.5. Patches are available in versions 4.13.57, 5.3.42, and 5.6.5 to address this issue.

    Technical Details
    CVE-2025-65961 stems from insufficient sanitization of user-controlled data within specific templates of the Contao CMS. An attacker can exploit this by injecting arbitrary HTML or JavaScript code into the template input.…

  • Cybersecurity Vulnerabilities

    CVE-2025-65960: Medium-Severity RCE Vulnerability Patched in Contao CMS

    Overview
    CVE-2025-65960 is a medium-severity Remote Code Execution (RCE) vulnerability affecting Contao, an Open Source CMS. This vulnerability exists in versions prior to 4.13.57, 5.3.42, and 5.6.5. It allows authenticated back-end users with specific control over template closures to execute arbitrary PHP functions, provided those functions do not require parameters. The vulnerability stems from insufficient sanitization or validation of user-controlled input within the template processing engine. This can lead to unintended execution of potentially dangerous PHP functions.

    Technical Details
    The core issue lies within the Contao\Template::once() method and how it handles user-defined template closures. If a back-end user possesses…

  • Cybersecurity Vulnerabilities

    CVE-2025-64067: Critical Data Exposure Found in Primakon Pi Portal 1.0.18

    Overview
    CVE-2025-64067 details a significant data exposure vulnerability within the Primakon Pi Portal version 1.0.18. Specifically, the API endpoints responsible for retrieving object-specific data (like user profiles and project records) lack sufficient server-side validation to confirm the requesting user’s authorization to access the requested data. This can lead to unauthorized access to sensitive personal and organizational information.

    Technical Details
    The vulnerability can be exploited in two primary ways: Direct ID Manipulation (IDOR): By manipulating the ID parameter (e.g., user_id, project_id) in API requests, an attacker can potentially access objects and data belonging to other users. For example, changing user_id from…
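    Both this entry and the PHPGURUKUL track-order entry above describe the same defect: the server fetches an object by the identifier in the request and never ties it to the caller. The example below is added here and belongs to neither application; it contrasts the flawed lookup with a hardened one in which the owner id comes from the server-side session and is part of the database query itself. The in-memory SQLite table, the order rows and the handler names are constructed for the illustration.

```python
import re
import sqlite3


def make_db():
    """Constructed sample store: two users (7 and 8), one order each."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE orders (oid INTEGER PRIMARY KEY, owner_id INTEGER NOT NULL, "
        "status TEXT NOT NULL, ship_to TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?, ?, ?)",
        [(1001, 7, "shipped", "7 Example Street"),
         (1002, 8, "processing", "8 Sample Avenue")],
    )
    return conn


def parse_oid(raw):
    """Accept only a plain decimal integer for the oid parameter; None otherwise."""
    if not isinstance(raw, str) or re.fullmatch(r"[0-9]+", raw) is None:
        return None
    return int(raw)


def track_order_vulnerable(conn, raw_oid):
    """The IDOR pattern: the record is selected by oid alone, so any caller
    who edits the oid parameter reads another customer's order."""
    oid = parse_oid(raw_oid)
    if oid is None:
        return 400, None
    row = conn.execute(
        "SELECT oid, owner_id, status, ship_to FROM orders WHERE oid = ?", (oid,)
    ).fetchone()
    return (200, row) if row else (404, None)


def track_order_hardened(conn, session_user_id, raw_oid):
    """Ownership is part of the lookup. The user id is taken from the
    authenticated session, never from the request body or query string.
    A missing order and someone else's order both yield 404 so the endpoint
    does not confirm which oids exist."""
    if session_user_id is None:
        return 401, None
    oid = parse_oid(raw_oid)
    if oid is None:
        return 400, None
    row = conn.execute(
        "SELECT oid, owner_id, status, ship_to FROM orders "
        "WHERE oid = ? AND owner_id = ?",
        (oid, session_user_id),
    ).fetchone()
    return (200, row) if row else (404, None)


def idor_probe(hardened):
    """Simulate user 8 requesting user 7's order 1001 and return the status
    the attacker sees from the chosen handler."""
    conn = make_db()
    if hardened:
        status, _ = track_order_hardened(conn, 8, "1001")
    else:
        status, _ = track_order_vulnerable(conn, "1001")
    return status


if __name__ == "__main__":
    print("vulnerable handler:", idor_probe(False))  # attacker gets the order
    print("hardened handler:  ", idor_probe(True))   # attacker gets 404
```

    Scoping the query by owner (rather than fetching the row and comparing afterwards) keeps the authorization decision in one place and makes it impossible to forget the check on a new code path; the same pattern applies to the user_id and project_id parameters named in the Primakon entry.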