CI/CD security

CVE-2026-24765: PHPUnit Vulnerability Exposes CI/CD Pipelines to RCE

• Vulnerability Report

CVE-2026-24765: PHPUnit Vulnerability Exposes CI/CD Pipelines to RCE

Do Son January 29, 2026 0

The maintainers of PHPUnit, the industry-standard testing framework for PHP, have released a critical security update to...

Read More Read more about CVE-2026-24765: PHPUnit Vulnerability Exposes CI/CD Pipelines to RCE

CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover

• Vulnerability Report

CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover

Do Son January 17, 2026 0

A seemingly minor misconfiguration in a regular expression could have allowed attackers to seize control of critical...

Read More Read more about CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover

GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks

• Vulnerability Report

GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks

Do Son November 26, 2025 0

GitLab has released an important security update today affecting both its Community Edition (CE) and Enterprise Edition...

Read More Read more about GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks

Docker Compose Path Traversal (CVE-2025-62725) Allows Arbitrary File Overwrite via OCI Artifacts

• Vulnerability Report

Docker Compose Path Traversal (CVE-2025-62725) Allows Arbitrary File Overwrite via OCI Artifacts

Do Son October 29, 2025 0

The Docker Compose project has disclosed a high-severity path traversal vulnerability tracked as CVE-2025-62725 (CVSS v4 8.9),...

Read More Read more about Docker Compose Path Traversal (CVE-2025-62725) Allows Arbitrary File Overwrite via OCI Artifacts

GitLab Patches High Runner Hijacking Flaw (CVE-2025-11702) and Multiple DoS Vulnerabilities

• Vulnerability Report

GitLab Patches High Runner Hijacking Flaw (CVE-2025-11702) and Multiple DoS Vulnerabilities

Do Son October 22, 2025 0

GitLab has released versions 18.5.1, 18.4.3, and 18.3.5 for both Community Edition (CE) and Enterprise Edition (EE)...

Read More Read more about GitLab Patches High Runner Hijacking Flaw (CVE-2025-11702) and Multiple DoS Vulnerabilities

CVE-2025-4318 (CVSS 9.5): AWS Amplify RCE Flaw Exposed with PoC – CI/CD Pipelines at Risk

• Vulnerability Report

CVE-2025-4318 (CVSS 9.5): AWS Amplify RCE Flaw Exposed with PoC – CI/CD Pipelines at Risk

Do Son June 9, 2025 0

A critical vulnerability in AWS Amplify’s UI generation tool, @aws-amplify/codegen-ui, is putting developers—and their build pipelines—at serious...

Read More Read more about CVE-2025-4318 (CVSS 9.5): AWS Amplify RCE Flaw Exposed with PoC – CI/CD Pipelines at Risk

Jenkins Plugin Flaws Expose Critical Risks: CVE-2025-47889 Hits 9.8 CVSS with Auth Bypass

• Vulnerability

Jenkins Plugin Flaws Expose Critical Risks: CVE-2025-47889 Hits 9.8 CVSS with Auth Bypass

Do Son May 16, 2025 0

Jenkins, a popular open-source automation server, is a crucial tool for many development and operations teams. A...

Read More Read more about Jenkins Plugin Flaws Expose Critical Risks: CVE-2025-47889 Hits 9.8 CVSS with Auth Bypass