April 2025 | SECaaS Platform AIONCLOUD

[2025.04 Vulnerability Report] FOXCMS Qianhu Remote Code Execution (CVE-2025-29306)

CVE-2025-29306 is a vulnerability that can pose a serious security threat to organizations using FoxCMS. An attacker can exploit this vulnerability to gain complete control of the system, which can result in data leakage, service interruption, etc. Therefore, prompt patching and security enhancement measures are required for […]

[2025.04 Vulnerability Report] Apache Tomcat RCE Vulnerability (CVE-2025-24813)

Apache Tomcat is a Java-based web application server widely used worldwide, and a serious path equivalence vulnerability, identified as CVE-2025-24813, was recently discovered in it. This vulnerability poses a risk that an attacker can access restricted resources or execute arbitrary code without authentication due to a path validation error in […]

[2025.04 Vulnerability Report] Next.js Middleware Authentication Bypass

This is an authentication bypass vulnerability in Next.js. It allows an attacker to bypass access control for the API by sending a request with the middleware path entered in the x-middleware-request header, or with a value entered to satisfy the recursive condition. The vulnerabilities were patched in Next.js versions […]
