CVE-2025-48740 – StrangeBee TheHive CSRF

May 23, 2025

CVE ID : CVE-2025-48740

Published : May 23, 2025, 8:15 p.m. | 37 minutes ago

Description : A Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows a remote attacker to trigger requests on their victim’s behalf, if the attacker lures a privileged user, authenticated with basic authentication.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48741 – StrangeBee TheHive Broken Access Control Vulnerability

Next Article CVE-2025-48739 – TheHive SSRF

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

The details of TC39’s last meeting

The details of TC39’s last meeting

Reclaim Space: Delete Docker Orphan Layers

Notes Android App Using SQLite

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2025-48740 – StrangeBee TheHive CSRF

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

CVE-2025-5230 – PHPGurukul Online Nurse Hiring System SQL Injection Vulnerability

Microsoft upgrades Windows 11’s Photos, Paint, and Snipping Tool with AI-powered features

CVE-2025-4508 – PHPGurukul e-Diary Management System SQL Injection Vulnerability

CVE-2025-1763 – GitLab EE Cross-Site Scripting and Content Security Policy Bypass Vulnerability

Urgent Citrix NetScaler Alert: Critical Memory Overflow Flaw (CVE-2025-6543, CVSS 9.2) Actively Exploited on 2,100+ Unpatched Appliances

CVE-2025-38340 – “Linux Firmware cs_dsp Out-of-Bounds Memory Read Vulnerability”

CVE-2025-6039 – WordPress ProcessingJS Stored Cross-Site Scripting

The new frontier of API governance: Ensuring alignment, security, and efficiency through decentralization

CVE-2025-48740 – StrangeBee TheHive CSRF

Related Posts