CVE-2025-32360 - Information Exposure and Draft Manipulation in Zammad 6.4.x
*Published: June 2024*
Recently, a critical security vulnerability—CVE-2025-32360—was found in Zammad, the popular open-source support and ticketing system. This post breaks down how
CVE-2025-32357 - Exploiting Zammad Knowledge Base Permissions Leak (Simple Guide & Proof of Concept)
---
Zammad is a popular open-source ticketing system used by businesses and communities around the world. It allows agents to collaborate, help customers, and provide
CVE-2024-56370 - Insecure Randomness in Net::Xero Perl Library Exposes Sensitive Data
CVE-2024-56370 highlights a major security vulnerability in the Perl module Net::Xero (version .044 and earlier). This widely-used library helps manage connections to the Xero
CVE-2025-27520 - Critical RCE in BentoML (<1.4.3) — Unsafe Deserialization Leads to Remote Code Execution
BentoML is a popular open-source Python framework designed for serving ML/AI models at scale with minimal code. Organizations adopt it to deploy ML models
CVE-2025-31161 - CrushFTP Authentication Bypass & Admin Takeover Explained
CrushFTP is a popular secure FTP, WebDAV, S3, and HTTP(S) file server solution, used by organizations globally. But in March and April 2025, attackers