CVE-2025-32788 – OctoPrint Authentication Bypass

April 22, 2025

CVE ID : CVE-2025-32788

Published : April 22, 2025, 6:15 p.m. | 31 minutes ago

Description : OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential future modifications to the codebase that might incorrectly rely on the vulnerable internal functions for authentication checks, leading to security vulnerabilities. This issue has been patched in version 1.11.0.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-32951 – Jmix HTML Injection Vulnerability

Next Article CVE-2025-32950 – Jmix File Path Traversal Vulnerability

Highlights

CVE-2025-53538 – Suricata HTTP2 Data Stream 0 Memory Corruption Vulnerability

July 22, 2025

CVE ID : CVE-2025-53538

Published : July 22, 2025, 10:15 p.m. | 2 hours, 20 minutes ago

Description : Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of visibility. Workarounds include disabling the HTTP/2 parser, and using a signature like drop http2 any any -> any any (frame:http2.hdr; byte_test:1,=,0,3; byte_test:4,=,0,5; sid: 1;) where the first byte test tests the HTTP2 frame type DATA and the second tests the stream id 0. This is fixed in versions 7.0.11 and 8.0.0.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

AI-enabled software development: Risk of skill erosion or catalyst for growth?

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Power bank slapped with a recall? Stop using it now – here’s why

I recommend these budget earbuds over pricier Bose and Sony models – here’s why

Microsoft’s big AI update for Windows 11 is here – what’s new

Slow internet speed on Linux? This 30-second fix makes all the difference

Singleton and Scoped Container Attributes in Laravel 12.21

Singleton and Scoped Container Attributes in Laravel 12.21

wulfheart/laravel-actions-ide-helper

lanos/laravel-cashier-stripe-connect

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

Sam Altman is “terrified” of voice ID fraudsters embracing AI — and threats of US bioweapon attacks keep him up at night

NVIDIA boasts a staggering $111 million in market value per employee — since it became the world’s first $4 trillion company

CVE-2025-32788 – OctoPrint Authentication Bypass

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

Microsoft wants you and your business to ditch Office

Remedy vows to make FBC: Firebreak’s gear progression no longer a slog — while also outlining plans for further improvements in its latest patch

Sony’s new speaker powered my dinner party with stellar sound and booming bass

Active Directory dMSA Privilege Escalation Attack Detailed by Researchers

CVE-2025-53538 – Suricata HTTP2 Data Stream 0 Memory Corruption Vulnerability

CVE-2025-6050 – Mezzanine CMS Stored Cross-Site Scripting (XSS) Vulnerability

CVE-2025-6106 – WuKongOpenSource WukongCRM Cross-Site Request Forgery Vulnerability

APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1

CVE-2025-32788 – OctoPrint Authentication Bypass

Related Posts