#ssrf

[ follow ]
#chainlit #arbitrary-file-read #oracle-e-business-suite #cve-2025-61884 #lmdeploy #security-vulnerability
Information security
fromThe Hacker News
1 week ago

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity SSRF vulnerability in LMDeploy is actively exploited, allowing attackers to access sensitive data and internal networks.
Information security
fromSecurityWeek
2 months ago

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Critical and high-severity vulnerabilities were found in Apryse and Foxit PDF platforms that could enable account takeover, data exfiltration, and remote code execution.
#chainlit
more#chainlit
Information security
fromThe Hacker News
6 months ago

Five New Exploited Bugs Land in CISA's Catalog - Oracle and Microsoft Among Targets

CISA confirmed CVE-2025-61884 SSRF in Oracle E-Business Suite is being exploited in the wild and added it to the KEV catalog.
fromThe Hacker News
7 months ago

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that allows attackers to compromise a target system by injecting a specially crafted HTML iframe element.
Information security
fromThe Hacker News
1 year ago

How Breaches Start: Breaking Down 5 Real Vulns

Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches.
Information security
[ Load more ]