EUVD-2025-12372

Malicious code in bioql PyPI...

CVE-2025-2298

An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files stored in remote locations such as S3, Azure Blob Storage, and local filesystems. This vulnerability exists due to...

CVE-2025-2298

An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files stored in remote locations such as S3, Azure Blob Storage, and local filesystems. This vulnerability exists due to...

CVE-2025-2298 Authenticated API Endpoint Allows Arbitrary File Deletion in Dremio Software

An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files stored in remote locations such as S3, Azure Blob Storage, and local filesystems. This vulnerability exists due to...

CVE-2025-2298

CVE-2025-2298 is an improper authorization vulnerability in Dremio Software where authenticated users can delete arbitrary files across local and remote locations due to insufficient API endpoint access controls. Impact includes potential data loss and DoS, with possible escalation depending on d...

CVE-2025-2298 Authenticated API Endpoint Allows Arbitrary File Deletion in Dremio Software

An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files stored in remote locations such as S3, Azure Blob Storage, and local filesystems. This vulnerability exists due to...