3509 matches found

Positive Technologies
added 2025/09/30 12:00 a.m.

PT-2025-40045

Summary: In the default configuration, with webhook.azuredevops.username and webhook.azuredevops.password not set, Argo CD’s /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index 0 is...

CVSS 7.5, AI score 7.1
Exploits: 0, References: 4
Positive Technologies
added 2025/09/30 12:00 a.m.

PT-2025-40055

Name of the Vulnerable Software and Affected Versions: Argo CD versions 1.2.0 through 1.8.7; Argo CD versions 2.0.0-rc1 through 2.14.19; Argo CD versions 3.0.0-rc1 through 3.2.0-rc1; Argo CD version 3.1.7; Argo CD version 3.0.18. Description: Argo CD is susceptible to denial of service through malicious...

CVSS 9.9, AI score 6.6, EPSS 0.02829
Exploits: 11, References: 52
Positive Technologies
added 2025/09/30 12:00 a.m.

PT-2025-40056

Name of the Vulnerable Software and Affected Versions: Argo CD versions 1.2.0 through 1.8.7; Argo CD versions 2.0.0-rc1 through 2.14.19; Argo CD versions 3.0.0-rc1 through 3.2.0-rc1; Argo CD version 3.1.7; Argo CD version 3.0.18. Description: Argo CD is susceptible to malicious API requests that can lea...

CVSS 9.9, AI score 6.8, EPSS 0.02829
Exploits: 11, References: 53
Positive Technologies
added 2025/09/30 12:00 a.m.

PT-2025-40057

Name of the Vulnerable Software and Affected Versions: Argo CD versions 2.9.0-rc1 through 2.14.19; Argo CD versions 3.0.0-rc1 through 3.2.0-rc1; Argo CD version 3.1.6; Argo CD version 3.0.17. Description: Argo CD, a declarative GitOps continuous delivery tool for Kubernetes, is susceptible to a...

CVSS 9.9, AI score 6.9, EPSS 0.02829
Exploits: 11, References: 51
Positive Technologies
added 2025/09/30 12:00 a.m.

PT-2025-40042

Summary: Unpatched Argo CD versions are vulnerable to malicious API requests that can crash the API server and cause denial of service to legitimate clients. With the default configuration (no webhook.bitbucketserver.secret set), Argo CD’s /api/webhook endpoint will crash the entire argocd-server...

CVSS 7.5, AI score 6.8
Exploits: 0, References: 4
OSSF Malicious Packages
added 2025/09/26 4:20 p.m.

Malicious code in soopsocks (PyPI)

Source: kam193 adcaa2cfcfa52c7c1ed664a9389ba0bd0ddd2716ea4c475b22bcd2f62bc1ab95. The package promises to create a SOCKS proxy and report the server to a Discord webhook, and indeed appears to do so, but the attached autorun service seems to b...

AI score 6.9
Exploits: 0, References: 3
OSV
added 2025/09/26 4:20 p.m.

MAL-2025-191872 Malicious code in soopsocks (PyPI)

Source: kam193 adcaa2cfcfa52c7c1ed664a9389ba0bd0ddd2716ea4c475b22bcd2f62bc1ab95. The package promises to create a SOCKS proxy and report the server to a Discord webhook, and indeed appears to do so, but the attached autorun service seems to b...

AI score 6.8
Exploits: 0, References: 3
OSV
added 2025/09/26 1:2 p.m.

GHSA-Q82V-H4RQ-5C86 Rancher update on users can deny the service to the admin

Impact: A vulnerability has been identified in Rancher Manager where missing server-side validation on the .username field allows users with update permissions on other User resources to deny access to targeted accounts. Specifically: - Username takeover: A user wit...

CVSS 7.6, AI score 6.6, EPSS 0.0046
Exploits: 0, References: 5
Github Security Blog
added 2025/09/26 1:2 p.m.

Rancher update on users can deny the service to the admin

Impact: A vulnerability has been identified in Rancher Manager where missing server-side validation on the .username field allows users with update permissions on other User resources to deny access to targeted accounts. Specifically: - Username takeover: A user wit...

CVSS 7.6, AI score 6.6, EPSS 0.0046
Exploits: 0, References: 5, Affected Software: 1
Positive Technologies
added 2025/09/26 12:00 a.m.

PT-2025-39663

Name of the Vulnerable Software and Affected Versions: Rancher versions prior to 2.12.2; Rancher versions prior to 2.11.6; Rancher versions prior to 2.10.10; Rancher versions prior to 2.9.12. Description: A missing server-side validation on the .username field in Rancher allows users with update...

CVSS 9.9, AI score 6.5, EPSS 0.02829
Exploits: 11, References: 50
Tenable Nessus
added 2025/09/12 12:00 a.m.

GitLab 16.11 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-6454)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - The vulnerability exists due to insufficient validation of user-supplied input in the Webhook custom header. A remote user can send a specially crafted HTTP request and trick the application into initiating...

CVSS 8.8, AI score 5.8, EPSS 0.00645
Exploits: 0, References: 5
Veracode
added 2025/09/11 9:35 a.m.

Server-Side Request Forgery (SSRF)

org.apache.eventmesh:eventmesh-runtime is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper validation of user-supplied URLs, caused by unsafe handling in the eventmesh-runtime module WebhookUtil.java, allowing attackers to read or update internal resources...

CVSS 6.3, AI score 7, EPSS 0.00359
Exploits: 0, References: 3, Affected Software: 1
Tenable Nessus
added 2025/09/11 12:00 a.m.

FreeBSD : Gitlab -- Vulnerabilities (602fc0fa-8ece-11f0-9d03-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 602fc0fa-8ece-11f0-9d03-2cf05da270f3 advisory. Gitlab reports: Denial of Service issue in SAML Responses impacts GitLab CE/EE; Server-Side...

CVSS 8.8, AI score 5.5, EPSS 0.00645
Exploits: 0, References: 8
FreeBSD
added 2025/09/10 12:00 a.m.

Gitlab -- Vulnerabilities

Gitlab reports: Denial of Service issue in SAML Responses impacts GitLab CE/EE; Server-Side Request Forgery issue in Webhook custom header impacts GitLab CE/EE; Denial of Service issue in User-Controllable Fields impacts GitLab CE/EE; Denial of Service issue in endpoint file upload impacts GitLab...

CVSS 8.8, AI score 7, EPSS 0.00645
Exploits: 0, References: 1
OSV
added 2025/09/06 7:47 p.m.

CVE-2025-58445 Atlantis Exposes Service Version Publicly on /status API Endpoint

Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. All versions of Atlantis publicly expose detailed version information through its /status endpoint. This information disclosure could allow attackers to identify and target known...

CVSS 6.9, AI score 6.1, EPSS 0.00426
Exploits: 1, References: 3
OSSF Malicious Packages
added 2025/09/06 11:22 a.m.

Malicious code in giteegit (PyPI)

Source: kam193 4a26c5d911f4394086eca9dfca0dfb8b05cc0675bac36dfdbec08e30f6d1abed. The package exfiltrates source code files to a Telegram channel, while its description promises to save them to a Git service. Category: MALICIOUS - The campaign...

AI score 7.2
Exploits: 0, References: 1
OSV
added 2025/09/06 11:22 a.m.

MAL-2025-191739 Malicious code in giteegit (PyPI)

Source: kam193 4a26c5d911f4394086eca9dfca0dfb8b05cc0675bac36dfdbec08e30f6d1abed. The package exfiltrates source code files to a Telegram channel, while its description promises to save them to a Git service. Category: MALICIOUS - The campaign...

AI score 7.1
Exploits: 0, References: 1
CNNVD
added 2025/09/06 12:00 a.m.

Atlantis information disclosure vulnerability

Atlantis is a self-hosted Go application from the Atlantis open-source project. It listens for Terraform pull request events via webhooks. An information disclosure vulnerability exists in Atlantis, which stems from the disclosure of version information and could lead to a targeted attack...

CVSS 7.5, AI score 5.8, EPSS 0.00426
Exploits: 1, References: 2
RedhatCVE
added 2025/09/05 10:34 a.m.

CVE-2025-9821

Summary: Users with webhook permissions can conduct SSRF via webhooks. If they have permission to view the webhook logs, the partial request response is also disclosed. Details: When sending webhooks, the destination is not validated, causing SSRF. Impact: Bypass of firewalls to interact with internal...

CVSS 2.7, AI score 6.7, EPSS 0.00283
Exploits: 0, References: 1
The Hacker News
added 2025/09/04 6:10 p.m.

Russian APT28 Deploys "NotDoor" Outlook Backdoor Against Companies in NATO Countries

The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks targeting multiple companies from different sectors in NATO member countries. NotDoor "is a VBA macro for Outlook designed to monitor incoming emails for a...

AI score 7.3
Exploits: 0