[@ZeroPathLabs](/creator/twitter/ZeroPathLabs)

"Keras CVE-2025-49655: Critical Deserialization Flaw A critical deserialization bug in Keras TorchModuleWrapper allows remote code execution. Update ASAP if you use Keras in production. For more details read ZeroPath's blog on this vuln. #AppSec #MLSecurity #CVE202549655"
[X Link](https://x.com/ZeroPathLabs/status/1979230965311381697) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-17T17:00Z XX followers, XX engagements

"Squid Proxy CVE-2025-62168: Critical Disclosure Alert A critical flaw in Squid Proxy leaks user credentials to attackers. Immediate patching is essential for all deployments. For more details read ZeroPath's blog on this vuln. #AppSec #CyberSecurity #ProxySecurity"
[X Link](https://x.com/ZeroPathLabs/status/1979243385153056959) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-17T17:49Z XX followers, XX engagements

"Juniper Networks Junos Space Hit by Stored XSS (CVE-2025-59978) Attackers can inject malicious scripts into Junos Space via stored XSS risking user data exposure. Patch ASAP. For more details read ZeroPath's blog on this vuln. #AppSec #CyberSecurity #Juniper"
[X Link](https://x.com/ZeroPathLabs/status/1976346771388289485) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-09T17:59Z XX followers, XX engagements

"Fortinet FortiVoice CVE-2025-47856: Command Injection Risk A command injection flaw in Fortinet FortiVoice lets attackers execute arbitrary commands. Patch ASAP if you rely on this system. For more details read ZeroPath's blog on this vuln. #AppSec #CyberSecurity #InfoSec"
[X Link](https://x.com/ZeroPathLabs/status/1978112789056008629) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-14T14:56Z XX followers, XX engagements

"FortiIsolator CVE-2024-33507: Patch Now Session expiration and auth flaws let attackers access restricted resources after logout in FortiIsolator. Patch ASAP for protection. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec #Fortinet"
[X Link](https://x.com/ZeroPathLabs/status/1978141993332039694) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-14T16:52Z XX followers, XX engagements

"Heap Overflow in Fortinet fgfmsd (CVE-2024-50571) Heap-based buffer overflow found in Fortinet fgfmsd may allow code execution. Patch ASAP. For more details read ZeroPath's blog on this vuln. #AppSec #CyberSecurity #InfoSec"
[X Link](https://x.com/ZeroPathLabs/status/1978144473839178085) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-14T17:02Z XX followers, XX engagements

"Fortinet FortiPAM & FortiSwitchManager: CVE-2025-49201 Weak authentication flaw could let attackers bypass login protections. Admins should review configs and update ASAP. For more details read ZeroPath's blog on this vuln. #AppSec #CyberSecurity #InfoSec"
[X Link](https://x.com/ZeroPathLabs/status/1978152028447633783) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-14T17:32Z XX followers, XX engagements

"Fortinet SSL VPN RDP Bookmark Heap Overflow: What You Need to Know CVE-2025-57740 allows remote heap overflow in Fortinet SSL VPN via RDP bookmarks. Patch ASAP to avoid compromise. For more details read ZeroPath's blog on this vuln. #AppSec #CyberSecurity #VPN"
[X Link](https://x.com/ZeroPathLabs/status/1978152034768433544) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-14T17:32Z XX followers, XX engagements

"Mattermost CVE-2025-58075: Authorization Bypass A flaw in Mattermost lets attackers bypass authorization using invite tokens and RelayState manipulation. Patch ASAP. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec #Mattermost"
[X Link](https://x.com/ZeroPathLabs/status/1978763724493090946) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-16T10:03Z XX followers, XX engagements

"Mattermost OAuth State Manipulation (CVE-2025-58073) Researchers found that Mattermost's OAuth flow is vulnerable to state manipulation leading to possible account hijacking. Patch ASAP and review your OAuth configs. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec #OAuth"
[X Link](https://x.com/ZeroPathLabs/status/1978763724681830892) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-16T10:03Z XX followers, XX engagements

"WSO2 REST API Auth Bypass: What You Need to Know CVE-2025-10611 allows attackers to bypass authentication on WSO2 REST APIs. High risk for exposed APIs; patch ASAP. For more details read ZeroPath's blog on this vuln. #AppSec #APISecurity #InfoSec"
[X Link](https://x.com/ZeroPathLabs/status/1978823005171069053) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-16T13:59Z XX followers, XX engagements

"WSO2 API Manager Privilege Escalation CVE-2025-9152 A critical flaw in the DCR endpoint lets attackers escalate privileges in WSO2 API Manager. Patch ASAP to avoid compromise. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec #PrivilegeEscalation"
[X Link](https://x.com/ZeroPathLabs/status/1978823005540151354) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-16T13:59Z XX followers, XX engagements

"Spring Cloud Gateway: CVE-2025-41253 Summary A SpEL injection flaw in Spring Cloud Gateway can leak sensitive environment variables. All users should review configs and patch ASAP. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec #JavaSecurity"
[X Link](https://x.com/ZeroPathLabs/status/1978848664828141800) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-16T15:41Z XX followers, XX engagements

"Strapi CVE-2024-56143: Private Field Exposure A flaw in Strapi's document service lookup can leak private fields to unauthorized users. Update ASAP to protect sensitive data. For more details read ZeroPath's blog on this vuln. #AppSec #Strapi #InfoSec"
[X Link](https://x.com/ZeroPathLabs/status/1978866401440858371) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-16T16:51Z XX followers, XX engagements

"MinIO CVE-2025-62506: Privilege Escalation Risk A newly discovered flaw in MinIO allows attackers to escalate privileges and compromise storage infrastructure. Patch ASAP to secure your deployments. For more details read ZeroPath's blog on this vuln. #CloudSecurity #AppSec #InfoSec"
[X Link](https://x.com/ZeroPathLabs/status/1978952216619663501) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-16T22:32Z XX followers, XX engagements

"Unauthenticated API Key Creation in better-auth (CVE-2025-61928) Attackers can generate valid API keys in better-auth without authentication. Immediate patching is critical. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec #Authentication"
[X Link](https://x.com/ZeroPathLabs/status/1979272463658746352) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-17T19:45Z XX followers, XX engagements

"CVE-2025-62645: Privilege Escalation in RBI Assistant Platform A new bug in Restaurant Brands International Assistant Platform lets attackers escalate privileges and access sensitive data. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec"
[X Link](https://x.com/ZeroPathLabs/status/1979306362921197769) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-17T21:59Z XX followers, XXX engagements

"CVE-2025-62650: Client-side Auth Weakness in RBI Assistant Platform Restaurant Brands International's Assistant Platform has a client-side authentication flaw letting attackers bypass access controls. Patch ASAP. For more details read ZeroPath's blog on this vuln. #AppSec #InfoSec #Vulnerability"
[X Link](https://x.com/ZeroPathLabs/status/1979308692970291328) [@ZeroPathLabs](/creator/x/ZeroPathLabs) 2025-10-17T22:09Z XX followers, XXX engagements