#ssrf

#chainlit
from The Hacker News
1 week ago
Information security

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

Critical Chainlit (ChainLeak) vulnerabilities enable arbitrary file reads and SSRF, risking cloud API key exposure, sensitive file theft, privilege escalation, and lateral movement.
from The Register
1 week ago
Information security

AI framework flaws put enterprise clouds at risk of takeover

Two Chainlit vulnerabilities enable arbitrary file reads and SSRF attacks, risking exposure of environment variables, credentials, and potential cloud takeover if not patched.
Information security
from The Hacker News
3 months ago

Five New Exploited Bugs Land in CISA's Catalog - Oracle and Microsoft Among Targets

CISA confirmed CVE-2025-61884 SSRF in Oracle E-Business Suite is being exploited in the wild and added it to the KEV catalog.
from The Hacker News
4 months ago

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that allows attackers to compromise a target system by injecting a specially crafted HTML iframe element.
Information security
from The Hacker News
9 months ago

How Breaches Start: Breaking Down 5 Real Vulns

Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches.
Information security