Pierre-Yves Beaudouin<p>rhoo ils ont renommé la "contribution volontaire obligatoire" </p><p><a href="https://mamot.fr/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mamot.fr/tags/CVO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVO</span></a> <a href="https://mamot.fr/tags/1jour1taxe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1jour1taxe</span></a></p>
lingo.lol is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for linguists, philologists, and other lovers of languages.
Administered by:
Server stats:
53active users
lingo.lol: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.3
#cve
0 posts · 0 participants · 0 posts today
gcve.eu<p>In the scope of GCVE and <span class="h-card" translate="no"><a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>circl</span></a></span> we couldn't find a practical, publicly available, and accessible document that outlines best practices for vulnerability handling and disclosure.</p><p>So we created a new one, released under an open-source license, to which everyone can freely contribute.</p><p>PDF: <a href="https://gcve.eu/files/bcp/gcve-bcp-02.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gcve.eu/files/bcp/gcve-bcp-02.</span><span class="invisible">pdf</span></a><br>HTML: <a href="https://gcve.eu/bcp/gcve-bcp-02/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gcve.eu/bcp/gcve-bcp-02/</span><span class="invisible"></span></a><br>Contributing: <a href="https://github.com/gcve-eu/gcve.eu/blob/main/content/bcp/gcve-bcp-02.md" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/gcve-eu/gcve.eu/blo</span><span class="invisible">b/main/content/bcp/gcve-bcp-02.md</span></a></p><p><a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cvd</span></a></p>
Prof. Dr. Dennis-Kenji Kipker<p>Seit 8 Jahren bin ich als Advisor im <a href="https://chaos.social/tags/CERT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CERT</span></a>@<a href="https://chaos.social/tags/VDE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VDE</span></a> tätig – und freue mich deshalb umso mehr darüber, dass es jetzt Deutschlands erste Root-<a href="https://chaos.social/tags/CNA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CNA</span></a> geworden ist – herzliche Glückwünsche!</p><p>Mit dem <a href="https://chaos.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-System werden seit über 25 Jahren Schwachstellen erfasst und mit einer eindeutigen Kennung versehen, um sie zur Mitigation zuordnen zu können. Root-CNAs haben die Aufgabe, die CVE Numbering Authorities (CNAs) zu koordinieren - eine verantwortungsvolle Position in der Cybersecurity:<br><a href="https://www.heise.de/news/Security-CERT-VDE-wird-erste-deutsche-Schaltzentrale-fuer-Sicherheitsluecken-10502241.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Security-CERT-VD</span><span class="invisible">E-wird-erste-deutsche-Schaltzentrale-fuer-Sicherheitsluecken-10502241.html</span></a></p>
Alexandre Dulaunoy<p>I love the <span class="h-card" translate="no"><a href="https://infosec.exchange/@github" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>github</span></a></span> Security Advisory Database because they actually preserve the data from rejected advisories including the original information and the reason for rejection.</p><p>It’s clearly much more insightful than just having a bare ID marked as "rejected."</p><p>You can easily spot this in vulnerability-lookup: <a href="https://vulnerability.circl.lu/vuln/cve-2025-54371#related" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/cv</span><span class="invisible">e-2025-54371#related</span></a></p><p>Yet another great example of why having diverse sources for vulnerability data matters.</p><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
CVE Program<p>The Rust Project is now a CVE Numbering Authority (CNA) assigning CVE IDs for repositories, packages, & websites maintained by the Rust Project<br> <a href="https://cve.org/Media/News/item/news/2025/07/22/The-Rust-Project-Added-as-CNA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/07/22/The-Rust-Project-Added-as-CNA</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
KrebsOnSecurity RSS<p>Microsoft Fix Targets Attacks on SharePoint Zero-Day</p><p><a href="https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">krebsonsecurity.com/2025/07/mi</span><span class="invisible">crosoft-fix-targets-attacks-on-sharepoint-zero-day/</span></a></p><p> <a href="https://burn.capital/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a>&InfrastructureSecurityAgency <a href="https://burn.capital/tags/SharePointServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePointServer</span></a> <a href="https://burn.capital/tags/LatestWarnings" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LatestWarnings</span></a> <a href="https://burn.capital/tags/TheComingStorm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheComingStorm</span></a> <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-49704 <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-49706 <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-53770 <a href="https://burn.capital/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-53771 <a href="https://burn.capital/tags/MicrosoftCorp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MicrosoftCorp</span></a>. <a href="https://burn.capital/tags/TimetoPatch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TimetoPatch</span></a> <a href="https://burn.capital/tags/EyeSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EyeSecurity</span></a> <a href="https://burn.capital/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>
gcve.eu<p>GCVE.eu initiative - introduction and how to become a GNA. Video published.</p><p><a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p>📽️ <a href="https://www.youtube.com/watch?v=Va3almPab1M" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=Va3almPab1</span><span class="invisible">M</span></a></p>
Paul Chambers🚧<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@bluetea" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bluetea</span></a></span> <a href="https://oldfriends.live/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> releases emergency patches for SharePoint RCE flaws exploited in attacks ~ BleepingComputer <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/micr</span><span class="invisible">osoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/</span></a> <a href="https://oldfriends.live/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://oldfriends.live/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://oldfriends.live/tags/sharepoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sharepoint</span></a> </p><p><span class="h-card" translate="no"><a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>funnymonkey</span></a></span></p>
Paul Chambers🚧<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@bluetea" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bluetea</span></a></span> Also, here is the release: </p><p>🔗 Customer guidance for SharePoint vulnerability CVE-2025-53770<br><a href="https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">msrc.microsoft.com/blog/2025/0</span><span class="invisible">7/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/</span></a></p><p><a href="https://archive.ph/Dlhra" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">archive.ph/Dlhra</span><span class="invisible"></span></a> <a href="https://oldfriends.live/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> <a href="https://oldfriends.live/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://oldfriends.live/tags/Hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hack</span></a> <a href="https://oldfriends.live/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://oldfriends.live/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> </p><p><span class="h-card" translate="no"><a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>funnymonkey</span></a></span></p>
NLnet Labs<p>Unbound 1.23.1 in now available. This security release fixes the Rebirthday Attack CVE-2025-5994.</p><p>The vulnerability re-opens up <a href="https://social.nlnetlabs.nl/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DNS</span></a> resolvers to a birthday paradox, for EDNS client subnet servers that respond with non-ECS answers. The <a href="https://social.nlnetlabs.nl/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> is described here:<br><a href="https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nlnetlabs.nl/downloads/unbound</span><span class="invisible">/CVE-2025-5994.txt</span></a></p><p>We would like to thank Xiang Li (AOSP Lab, Nankai University) for discovering and responsibly disclosing the vulnerability. <br><a href="https://github.com/NLnetLabs/unbound/releases/tag/release-1.23.1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NLnetLabs/unbound/r</span><span class="invisible">eleases/tag/release-1.23.1</span></a></p>
Paco Hope #resist<p>Somehow I missed <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-38392#vulnCurrentDescriptionTitle" rel="nofollow noopener" target="_blank">this CVE</a> when it came out in 2022.</p><p>I think it's called a Jackson-in-the-Middle attack.</p><blockquote><p>Certain 5400 RPM hard drives, ... allow physically proximate attackers to cause a ... device malfunction ... via a resonant-frequency attack with the audio signal from the Rhythm Nation music video.</p></blockquote><p>I like that CVE links to <a href="https://www.youtube.com/watch?v=nSvu9IDUjZw&t=416s" rel="nofollow noopener" target="_blank">a YouTube video</a> where someone tried to reproduce it. </p><p><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> <a href="https://infosec.exchange/tags/JanetJackson" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JanetJackson</span></a></p>
Pyrzout :vm:<p>12-Year-Old Sudo Vulnerability Exposes Linux Systems to Root Privilege Escalation <a href="https://gbhackers.com/12-year-old-sudo-vulnerability/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gbhackers.com/12-year-old-sudo</span><span class="invisible">-vulnerability/</span></a> <a href="https://social.skynetcloud.site/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>/vulnerability <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a></p>
circl<p>An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnerability is exploited in the wild by the "TheMoon" worm.</p><p><a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/linksys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linksys</span></a> </p><p>🔗 <a href="https://vulnerability.circl.lu/vuln/cve-2025-34037" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/cv</span><span class="invisible">e-2025-34037</span></a></p>
Josh Bressers<p>I chatted with Philippe Ombredanne about Package URLs, or PURLs. He created them, so he knows a thing or two.</p><p>We do complain about CPE quite a bit :)</p><p>But it's a really hard problem. It feels like a package identifier should be easy, but it's way harder than you think it is. There's nobody better than Philippe to drop some knowledge.</p><p><a href="https://opensourcesecurity.io/2025/2025-06-purl-philippe-ombredanne/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">opensourcesecurity.io/2025/202</span><span class="invisible">5-06-purl-philippe-ombredanne/</span></a></p><p><a href="https://infosec.exchange/tags/PURL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PURL</span></a> <br><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <br><a href="https://infosec.exchange/tags/SBOM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SBOM</span></a></p>
Jan Wildeboer 😷:krulorange:<p>Dear <span class="h-card" translate="no"><a href="https://mastodon.social/@Gargron" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Gargron</span></a></span> — Can we take another, fresh look at <a href="https://github.com/mastodon/mastodon/issues/20694" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/mastodon/mastodon/i</span><span class="invisible">ssues/20694</span></a> ? Hashtags should ultimately support full UTF8, IMHO, but adding at the very least the dash would be very helpful. It's not just band or artist names. CVEs are a better example. It would be really helpful when I can use <a href="https://social.wildeboer.net/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-2025-6019 instead of <a href="https://social.wildeboer.net/tags/CVE20256019" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE20256019</span></a> as I am forced to do now. I guess hashtags are not in scope of the ActivityPub protocol, <span class="h-card" translate="no"><a href="https://cosocial.ca/@evan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>evan</span></a></span> ?</p>
OSI Policy Team<p><a href="https://social.opensource.org/tags/OSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OSI</span></a> gave feedback to an <a href="https://social.opensource.org/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EU</span></a> consultation on the <a href="https://social.opensource.org/tags/CyberSecurityAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityAct</span></a> (the law that created the EU Agency for Cybersecurity, <a href="https://social.opensource.org/tags/ENISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ENISA</span></a>) We propose:</p><p>⚠️ Aligning the EU Vulnerability Database with the <a href="https://social.opensource.org/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> system, moving towards federated vulnerability reporting.</p><p>🧰 Expanding ENISA's public resources, especially Cybersecurity advice & Open Source Software recommendations.</p><p>💶 Supporting security audits, pentesting & bug bounties for key Open Source projects.</p><p>Our feedback: <a href="https://h1.nu/15r4X" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">h1.nu/15r4X</span><span class="invisible"></span></a><br>🧵⬇️</p>
Eva Winterschön<p>CVE-2025-5689 😂🙃</p><p>Fire up your "anyone we don't know gets root!" account SSH sessions to gain unmitigated control over Ubuntu systems running "Systemd AuthD"</p><p>Clown shoes over there, ffs how is this even a real CVE 🤦🏼♀️</p><p>- <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-5689" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nvd.nist.gov/vuln/detail/CVE-2</span><span class="invisible">025-5689</span></a><br>- <a href="https://github.com/ubuntu/authd/security/advisories/GHSA-g8qw-mgjx-rwjr" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/ubuntu/authd/securi</span><span class="invisible">ty/advisories/GHSA-g8qw-mgjx-rwjr</span></a></p><p><a href="https://mastodon.bsd.cafe/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systemd</span></a> <a href="https://mastodon.bsd.cafe/tags/uhuhuhubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uhuhuhubuntu</span></a> <a href="https://mastodon.bsd.cafe/tags/ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ubuntu</span></a> <a href="https://mastodon.bsd.cafe/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bsd.cafe/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.bsd.cafe/tags/noreally" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>noreally</span></a> <a href="https://mastodon.bsd.cafe/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.bsd.cafe/tags/authd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authd</span></a></p>
nicolas<p>pour celles et ceux qui ont déployé des roundcube il va falloir faire la mise à jour rapidement</p><p><a href="https://thehackernews.com/2025/06/critical-10-year-old-roundcube-webmail.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/06/crit</span><span class="invisible">ical-10-year-old-roundcube-webmail.html</span></a></p><p><a href="https://mastodon.mim-libre.fr/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.mim-libre.fr/tags/messagerie" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>messagerie</span></a> <a href="https://mastodon.mim-libre.fr/tags/webmail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webmail</span></a> <a href="https://mastodon.mim-libre.fr/tags/courriel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>courriel</span></a> <a href="https://mastodon.mim-libre.fr/tags/roundcube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>roundcube</span></a></p>
openSUSE Linux<p>May’s <a href="https://fosstodon.org/tags/Tumbleweed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tumbleweed</span></a> update rolled out <a href="https://fosstodon.org/tags/QEMU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QEMU</span></a> 10.0 for improved virtualization 🖥️⚡ and <a href="https://fosstodon.org/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSSL</span></a> 3.5.0 with post-<a href="https://fosstodon.org/tags/quantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>quantum</span></a> <a href="https://fosstodon.org/tags/crypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>crypto</span></a> 💡Security got serious with <a href="https://fosstodon.org/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> fixes 🛡️ <a href="https://fosstodon.org/tags/openSUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openSUSE</span></a> <a href="https://news.opensuse.org/2025/06/02/tw-monthly-update-may/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2025/06/02/t</span><span class="invisible">w-monthly-update-may/</span></a></p>
Alexandre Dulaunoy<p>CVE-2024-4367 (PDF.js) is gaining traction in some exploitation-focused Telegram channels...</p><p><a href="https://vulnerability.circl.lu/cve/CVE-2024-4367" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/cve/CVE</span><span class="invisible">-2024-4367</span></a></p><p>seen via <span class="h-card" translate="no"><a href="https://infosec.exchange/@ail_project" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ail_project</span></a></span> </p><p><a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/threatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintelligence</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploit</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload