CVE-2025-33004 – IBM Planning Analytics Local File Deletion Vulnerability

June 1, 2025

CVE ID : CVE-2025-33004

Published : June 1, 2025, 12:15 p.m. | 15 hours, 5 minutes ago

Description : IBM Planning Analytics Local 2.0 and 2.1 could allow a privileged user to delete files from directories due to improper pathname restriction.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-33005 – IBM Planning Analytics Session Impersonation Vulnerability

Next Article CVE-2025-2896 – IBM Planning Analytics Cross-Site Scripting Vulnerability

Highlights

CVE-2025-32421 – Next.js Race Condition Page Prop Exposure

May 15, 2025

CVE ID : CVE-2025-32421

Published : May 14, 2025, 11:15 p.m. | 3 hours, 51 minutes ago

Description : Next.js is a React framework for building full-stack web applications. Versions prior to 14.2.24 and 15.1.6 have a race-condition vulnerability. This issue only affects the Pages Router under certain misconfigurations, causing normal endpoints to serve `pageProps` data instead of standard HTML. This issue was patched in versions 15.1.6 and 14.2.24 by stripping the `x-now-route-matches` header from incoming requests. Applications hosted on Vercel’s platform are not affected by this issue, as the platform does not cache responses based solely on `200 OK` status without explicit `cache-control` headers. Those who self-host Next.js deployments and are unable to upgrade immediately can mitigate this vulnerability by stripping the `x-now-route-matches` header from all incoming requests at the content development network and setting `cache-control: no-store` for all responses under risk. The maintainers of Next.js strongly recommend only caching responses with explicit cache-control headers.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Hitachi Energy Pledges $1B to Strengthen US Grid, Build Largest Transformer Plant in Virginia

How to debug a web app with Playwright MCP and GitHub Copilot

Between Strategy and Story: Thierry Chopain’s Creative Path

What You Need to Know About CSS Color Interpolation

Convertedbook – Live LaTeX Preview in the Browser

Convertedbook – Live LaTeX Preview in the Browser

Why browsers throttle JavaScript timers (and what to do about it)

How to create Google Gemini AI component in Total.js Flow

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

CVE-2025-33004 – IBM Planning Analytics Local File Deletion Vulnerability

Under lock and key: Safeguarding business data with encryption

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

Laravel’s AsHtmlString Cast for Elegant HTML Attribute Management

CVE-2025-6758 – WordPress Properties Directory Theme Privilege Escalation

Enhanced Enum Processing with Laravel’s Default Parameter Support

Top 10 new Windows 11 features and changes unveiled via the Insider Program in June 2025 — and where to find them

CVE-2025-32421 – Next.js Race Condition Page Prop Exposure

CVE-2025-7324 – IrfanView CADImage Plugin DXF File Parsing Out-Of-

This hidden Windows 11 feature is back in testing after over a year-long hiatus — but you can get it right now

CData Embedded Cloud enables customers to build data connectivity into their apps without maintenance burden

CVE-2025-33004 – IBM Planning Analytics Local File Deletion Vulnerability

Related Posts