CVE-2025-2031

ChestnutCMS up to version 1.5.2 exposes a vulnerability in the file upload endpoint /dev-api/cms/file/upload. The root cause is lack of validation of the uploaded file in the parameter file, enabling an attacker to perform an unrestricted upload and remotely execute arbitrary code. Multiple sourc...

Hyperledger: DOS validator nodes of blockchain to block external connections

Attack was documented in the in the github repo: https://github.com/hyperledger/indy-node/security/advisories/GHSA-x996-7qh9-7ff7 Attack: The attacker sends 500 read requests to each node and opens a new one when holding 500 parallel connections. Every user is able to send read requests since it'...