lingo.lol is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for linguists, philologists, and other lovers of languages.

Server stats:

53
active users

#cve

0 posts0 participants0 posts today
Pierre-Yves Beaudouin<p>rhoo ils ont renommé la "contribution volontaire obligatoire" </p><p><a href="https://mamot.fr/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mamot.fr/tags/CVO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVO</span></a> <a href="https://mamot.fr/tags/1jour1taxe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1jour1taxe</span></a></p>
gcve.eu<p>In the scope of GCVE and <span class="h-card" translate="no"><a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>circl</span></a></span> we couldn't find a practical, publicly available, and accessible document that outlines best practices for vulnerability handling and disclosure.</p><p>So we created a new one, released under an open-source license, to which everyone can freely contribute.</p><p>PDF: <a href="https://gcve.eu/files/bcp/gcve-bcp-02.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gcve.eu/files/bcp/gcve-bcp-02.</span><span class="invisible">pdf</span></a><br>HTML: <a href="https://gcve.eu/bcp/gcve-bcp-02/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gcve.eu/bcp/gcve-bcp-02/</span><span class="invisible"></span></a><br>Contributing: <a href="https://github.com/gcve-eu/gcve.eu/blob/main/content/bcp/gcve-bcp-02.md" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/gcve-eu/gcve.eu/blo</span><span class="invisible">b/main/content/bcp/gcve-bcp-02.md</span></a></p><p><a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cvd</span></a></p>
Prof. Dr. Dennis-Kenji Kipker<p>Seit 8 Jahren bin ich als Advisor im <a href="https://chaos.social/tags/CERT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CERT</span></a>@<a href="https://chaos.social/tags/VDE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VDE</span></a> tätig – und freue mich deshalb umso mehr darüber, dass es jetzt Deutschlands erste Root-<a href="https://chaos.social/tags/CNA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CNA</span></a> geworden ist – herzliche Glückwünsche!</p><p>Mit dem <a href="https://chaos.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-System werden seit über 25 Jahren Schwachstellen erfasst und mit einer eindeutigen Kennung versehen, um sie zur Mitigation zuordnen zu können. Root-CNAs haben die Aufgabe, die CVE Numbering Authorities (CNAs) zu koordinieren - eine verantwortungsvolle Position in der Cybersecurity:<br><a href="https://www.heise.de/news/Security-CERT-VDE-wird-erste-deutsche-Schaltzentrale-fuer-Sicherheitsluecken-10502241.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Security-CERT-VD</span><span class="invisible">E-wird-erste-deutsche-Schaltzentrale-fuer-Sicherheitsluecken-10502241.html</span></a></p>
Alexandre Dulaunoy<p>I love the <span class="h-card" translate="no"><a href="https://infosec.exchange/@github" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>github</span></a></span> Security Advisory Database because they actually preserve the data from rejected advisories including the original information and the reason for rejection.</p><p>It’s clearly much more insightful than just having a bare ID marked as "rejected."</p><p>You can easily spot this in vulnerability-lookup: <a href="https://vulnerability.circl.lu/vuln/cve-2025-54371#related" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/cv</span><span class="invisible">e-2025-54371#related</span></a></p><p>Yet another great example of why having diverse sources for vulnerability data matters.</p><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
CVE Program<p>The Rust Project is now a CVE Numbering Authority (CNA) assigning CVE IDs for repositories, packages, &amp; websites maintained by the Rust Project<br> <a href="https://cve.org/Media/News/item/news/2025/07/22/The-Rust-Project-Added-as-CNA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/07/22/The-Rust-Project-Added-as-CNA</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
KrebsOnSecurity RSS<p>Microsoft Fix Targets Attacks on SharePoint Zero-Day</p><p><a href="https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">krebsonsecurity.com/2025/07/mi</span><span class="invisible">crosoft-fix-targets-attacks-on-sharepoint-zero-day/</span></a></p><p> <a href="https://burn.capital/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a>&amp;InfrastructureSecurityAgency <a href="https://burn.capital/tags/SharePointServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePointServer</span></a> <a href="https://burn.capital/tags/LatestWarnings" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LatestWarnings</span></a> <a href="https://burn.capital/tags/TheComingStorm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheComingStorm</span></a> <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-49704 <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-49706 <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-53770 <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-53771 <a href="https://burn.capital/tags/MicrosoftCorp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MicrosoftCorp</span></a>. <a href="https://burn.capital/tags/TimetoPatch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TimetoPatch</span></a> <a href="https://burn.capital/tags/EyeSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EyeSecurity</span></a> <a href="https://burn.capital/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>
gcve.eu<p>GCVE.eu initiative - introduction and how to become a GNA. Video published.</p><p><a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p>📽️ <a href="https://www.youtube.com/watch?v=Va3almPab1M" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=Va3almPab1</span><span class="invisible">M</span></a></p>
Paul Chambers🚧<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@bluetea" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bluetea</span></a></span> <a href="https://oldfriends.live/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> releases emergency patches for SharePoint RCE flaws exploited in attacks ~ BleepingComputer <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/micr</span><span class="invisible">osoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/</span></a> <a href="https://oldfriends.live/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://oldfriends.live/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://oldfriends.live/tags/sharepoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sharepoint</span></a> </p><p><span class="h-card" translate="no"><a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>funnymonkey</span></a></span></p>
Paul Chambers🚧<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@bluetea" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bluetea</span></a></span> Also, here is the release: </p><p>🔗 Customer guidance for SharePoint vulnerability CVE-2025-53770<br><a href="https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">msrc.microsoft.com/blog/2025/0</span><span class="invisible">7/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/</span></a></p><p><a href="https://archive.ph/Dlhra" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">archive.ph/Dlhra</span><span class="invisible"></span></a> <a href="https://oldfriends.live/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> <a href="https://oldfriends.live/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://oldfriends.live/tags/Hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hack</span></a> <a href="https://oldfriends.live/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://oldfriends.live/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> </p><p><span class="h-card" translate="no"><a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>funnymonkey</span></a></span></p>
NLnet Labs<p>Unbound 1.23.1 in now available. This security release fixes the Rebirthday Attack CVE-2025-5994.</p><p>The vulnerability re-opens up <a href="https://social.nlnetlabs.nl/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DNS</span></a> resolvers to a birthday paradox, for EDNS client subnet servers that respond with non-ECS answers. The <a href="https://social.nlnetlabs.nl/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> is described here:<br><a href="https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nlnetlabs.nl/downloads/unbound</span><span class="invisible">/CVE-2025-5994.txt</span></a></p><p>We would like to thank Xiang Li (AOSP Lab, Nankai University) for discovering and responsibly disclosing the vulnerability. <br><a href="https://github.com/NLnetLabs/unbound/releases/tag/release-1.23.1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NLnetLabs/unbound/r</span><span class="invisible">eleases/tag/release-1.23.1</span></a></p>
Paco Hope #resist<p>Somehow I missed <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-38392#vulnCurrentDescriptionTitle" rel="nofollow noopener" target="_blank">this CVE</a> when it came out in 2022.</p><p>I think it's called a Jackson-in-the-Middle attack.</p><blockquote><p>Certain 5400 RPM hard drives, ... allow physically proximate attackers to cause a ... device malfunction ... via a resonant-frequency attack with the audio signal from the Rhythm Nation music video.</p></blockquote><p>I like that CVE links to <a href="https://www.youtube.com/watch?v=nSvu9IDUjZw&amp;t=416s" rel="nofollow noopener" target="_blank">a YouTube video</a> where someone tried to reproduce it. </p><p><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> <a href="https://infosec.exchange/tags/JanetJackson" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JanetJackson</span></a></p>
Pyrzout :vm:<p>12-Year-Old Sudo Vulnerability Exposes Linux Systems to Root Privilege Escalation <a href="https://gbhackers.com/12-year-old-sudo-vulnerability/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gbhackers.com/12-year-old-sudo</span><span class="invisible">-vulnerability/</span></a> <a href="https://social.skynetcloud.site/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>/vulnerability <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a></p>
circl<p>An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnerability is exploited in the wild by the "TheMoon" worm.</p><p><a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/linksys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linksys</span></a> </p><p>🔗 <a href="https://vulnerability.circl.lu/vuln/cve-2025-34037" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/cv</span><span class="invisible">e-2025-34037</span></a></p>
Josh Bressers<p>I chatted with Philippe Ombredanne about Package URLs, or PURLs. He created them, so he knows a thing or two.</p><p>We do complain about CPE quite a bit :)</p><p>But it's a really hard problem. It feels like a package identifier should be easy, but it's way harder than you think it is. There's nobody better than Philippe to drop some knowledge.</p><p><a href="https://opensourcesecurity.io/2025/2025-06-purl-philippe-ombredanne/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">opensourcesecurity.io/2025/202</span><span class="invisible">5-06-purl-philippe-ombredanne/</span></a></p><p><a href="https://infosec.exchange/tags/PURL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PURL</span></a> <br><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <br><a href="https://infosec.exchange/tags/SBOM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SBOM</span></a></p>
Jan Wildeboer 😷:krulorange:<p>Dear <span class="h-card" translate="no"><a href="https://mastodon.social/@Gargron" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Gargron</span></a></span> — Can we take another, fresh look at <a href="https://github.com/mastodon/mastodon/issues/20694" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/mastodon/mastodon/i</span><span class="invisible">ssues/20694</span></a> ? Hashtags should ultimately support full UTF8, IMHO, but adding at the very least the dash would be very helpful. It's not just band or artist names. CVEs are a better example. It would be really helpful when I can use <a href="https://social.wildeboer.net/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-6019 instead of <a href="https://social.wildeboer.net/tags/CVE20256019" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE20256019</span></a> as I am forced to do now. I guess hashtags are not in scope of the ActivityPub protocol, <span class="h-card" translate="no"><a href="https://cosocial.ca/@evan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>evan</span></a></span> ?</p>
OSI Policy Team<p><a href="https://social.opensource.org/tags/OSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OSI</span></a> gave feedback to an <a href="https://social.opensource.org/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EU</span></a> consultation on the <a href="https://social.opensource.org/tags/CyberSecurityAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityAct</span></a> (the law that created the EU Agency for Cybersecurity, <a href="https://social.opensource.org/tags/ENISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ENISA</span></a>) We propose:</p><p>⚠️ Aligning the EU Vulnerability Database with the <a href="https://social.opensource.org/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> system, moving towards federated vulnerability reporting.</p><p>🧰 Expanding ENISA's public resources, especially Cybersecurity advice &amp; Open Source Software recommendations.</p><p>💶 Supporting security audits, pentesting &amp; bug bounties for key Open Source projects.</p><p>Our feedback: <a href="https://h1.nu/15r4X" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">h1.nu/15r4X</span><span class="invisible"></span></a><br>🧵⬇️</p>
Eva Winterschön<p>CVE-2025-5689 😂🙃</p><p>Fire up your "anyone we don't know gets root!" account SSH sessions to gain unmitigated control over Ubuntu systems running "Systemd AuthD"</p><p>Clown shoes over there, ffs how is this even a real CVE 🤦🏼‍♀️</p><p>- <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-5689" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nvd.nist.gov/vuln/detail/CVE-2</span><span class="invisible">025-5689</span></a><br>- <a href="https://github.com/ubuntu/authd/security/advisories/GHSA-g8qw-mgjx-rwjr" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/ubuntu/authd/securi</span><span class="invisible">ty/advisories/GHSA-g8qw-mgjx-rwjr</span></a></p><p><a href="https://mastodon.bsd.cafe/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systemd</span></a> <a href="https://mastodon.bsd.cafe/tags/uhuhuhubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uhuhuhubuntu</span></a> <a href="https://mastodon.bsd.cafe/tags/ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ubuntu</span></a> <a href="https://mastodon.bsd.cafe/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bsd.cafe/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.bsd.cafe/tags/noreally" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>noreally</span></a> <a href="https://mastodon.bsd.cafe/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.bsd.cafe/tags/authd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authd</span></a></p>
nicolas<p>pour celles et ceux qui ont déployé des roundcube il va falloir faire la mise à jour rapidement</p><p><a href="https://thehackernews.com/2025/06/critical-10-year-old-roundcube-webmail.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/06/crit</span><span class="invisible">ical-10-year-old-roundcube-webmail.html</span></a></p><p><a href="https://mastodon.mim-libre.fr/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.mim-libre.fr/tags/messagerie" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>messagerie</span></a> <a href="https://mastodon.mim-libre.fr/tags/webmail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webmail</span></a> <a href="https://mastodon.mim-libre.fr/tags/courriel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>courriel</span></a> <a href="https://mastodon.mim-libre.fr/tags/roundcube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>roundcube</span></a></p>
openSUSE Linux<p>May’s <a href="https://fosstodon.org/tags/Tumbleweed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tumbleweed</span></a> update rolled out <a href="https://fosstodon.org/tags/QEMU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QEMU</span></a> 10.0 for improved virtualization 🖥️⚡ and <a href="https://fosstodon.org/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSSL</span></a> 3.5.0 with post-<a href="https://fosstodon.org/tags/quantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>quantum</span></a> <a href="https://fosstodon.org/tags/crypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>crypto</span></a> 💡Security got serious with <a href="https://fosstodon.org/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> fixes 🛡️ <a href="https://fosstodon.org/tags/openSUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openSUSE</span></a> <a href="https://news.opensuse.org/2025/06/02/tw-monthly-update-may/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2025/06/02/t</span><span class="invisible">w-monthly-update-may/</span></a></p>
Alexandre Dulaunoy<p>CVE-2024-4367 (PDF.js) is gaining traction in some exploitation-focused Telegram channels...</p><p><a href="https://vulnerability.circl.lu/cve/CVE-2024-4367" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/cve/CVE</span><span class="invisible">-2024-4367</span></a></p><p>seen via <span class="h-card" translate="no"><a href="https://infosec.exchange/@ail_project" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ail_project</span></a></span> </p><p><a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/threatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintelligence</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploit</span></a></p>