CVE-2025-47888 – Jenkins DingTalk Plugin SSL/TLS Certificate Validation Bypass Vulnerability

May 14, 2025

CVE ID : CVE-2025-47888

Published : May 14, 2025, 9:15 p.m. | 1 hour, 51 minutes ago

Description : Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47889 – Jenkins WSO2 Oauth Plugin Authentication Bypass Vulnerability

Next Article CVE-2025-47887 – Jenkins Cadence vManager Plugin Unauthenticated Remote Code Execution

Highlights

CVE-2025-4843 – D-Link DCS-932L Stack-Based Buffer Overflow Vulnerability

May 17, 2025

CVE ID : CVE-2025-4843

Published : May 18, 2025, 12:15 a.m. | 31 minutes ago

Description : A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

I’ve tested every Samsung Galaxy phone in 2025 – here’s the model I’d recommend on sale

Google Photos just put all its best editing tools a tap away – here’s the shortcut

Claude can teach you how to code now, and more – how to try it

One of the best work laptops I’ve tested has MacBook written all over it (but it’s even better)

Controlling Execution Flow with Laravel’s Sleep Helper

Controlling Execution Flow with Laravel’s Sleep Helper

Generate Secure Temporary Share Links for Files in Laravel

This Week in Laravel: Filament 4, Laravel Boost, and Junie Review

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

FOSS Weekly #25.33: Debian 13 Released, Torvalds vs RISC-V, Arch’s New Tool, GNOME Perfection and More Linux Stuff

Ultimate ChatGPT-5 Prompt Guide: 52 Ideas for Any Task

CVE-2025-47888 – Jenkins DingTalk Plugin SSL/TLS Certificate Validation Bypass Vulnerability

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

From Banking Darling to $1B Fraud Magnet: Inside the Zelle Lawsuit 2025

CVE-2025-4811 – CodeAstro Pharmacy Management System SQL Injection Vulnerability

Auto-translate Application Strings with Laratext

CVE-2025-27365 – IBM MQ Operator SIGSEGV Memory Corruption Vulnerability

Canonical annuncia Ubuntu 24.04 per OrangePi RV2: la nuova frontiera delle SBC RISC-V economiche

CVE-2025-4843 – D-Link DCS-932L Stack-Based Buffer Overflow Vulnerability

CVE-2025-46392 – Apache Commons Configuration Uncontrolled Resource Consumption Vulnerability

CVE-2024-55399 – 4C Strategies Exonaut SSRF

xdaliclock is an advanced xclock substitute

CVE-2025-47888 – Jenkins DingTalk Plugin SSL/TLS Certificate Validation Bypass Vulnerability

Related Posts