Why Security Researchers and Red Teams Are Turning to Workflow Automation

Security researchers and red teams adopt workflow automation to cut alert fatigue, enrich data, and scale operations across SOC, intel and recon tasks...

CVE-2025-12871

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access tokens and use them to access the system with elevated privileges...

EUVD-2025-119990

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access the system with elevated privileges...

CVE-2025-12869 aEnrich｜eHRD - Stored Cross-Site Scripting

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...

EUVD-2024-55022

Malicious code in bioql PyPI...

EUVD-2024-54364

Malicious code in bioql PyPI...

CVE-2024-4598

An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between...

CVE-2024-4598

An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between...

CVE-2024-4598

An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between...

CVE-2024-4598

CVE-2024-4598 concerns information disclosure in multiple WSO2 products caused by an improper implementation of the enrich mediator. Authenticated users may see unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between executions...

CVE-2024-4598 Information Disclosure in Multiple WSO2 Products Due to Improper Handling in Enrich Mediator

An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between...

WSO2 Identity Server 安全漏洞

WSO2 Identity Server IS is an identity server from the US-based WSO2 Inc. A security vulnerability exists in WSO2 Identity Server IS, which stems from an improper implementation of enrich mediator and could lead to the disclosure of sensitive business information...

PT-2025-39161

Name of the Vulnerable Software and Affected Versions WSO2 products affected versions not specified Description An information disclosure issue exists due to an improper implementation of the enrich mediator. Authenticated users may be able to view unintended business data from other mediation...

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...

CVE-2024-47213

CVE-2024-47213 affects Enrich 5.1.0 and earlier. A malformed Snowplow event sent to the pipeline triggers validation to fail, causing Enrich to crash and restart in a loop, leading to halted event processing. Connected sources corroborate the same description; no concrete exploit details or remed...

Enrich 安全漏洞

Enrich is an enterprise-grade security platform for authentication and access management from Enrich. A security vulnerability exists in Enrich 5.1.0 and prior versions that originates from a maliciously constructed event that could cause the service to crash...

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...