CVE-2025-48997 – Multer DoS Denial of Service Vulnerability

June 3, 2025

CVE ID : CVE-2025-48997

Published : June 3, 2025, 7:15 p.m. | 15 minutes ago

Description : Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.1 allows an attacker to trigger a Denial of Service (DoS) by sending an upload file request with an empty string field name. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to `2.0.1` to receive a patch. No known workarounds are available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48998 – DataEase Arbitrary File Deserialization

Next Article CVE-2025-48953 – Umbraco File Upload Extension Bypass Vulnerability

Highlights

CVE-2025-5641 – “Radare2 Memory Corruption Vulnerability in r_cons_is_breaked Function”

June 5, 2025

CVE ID : CVE-2025-5641

Published : June 5, 2025, 7:15 a.m. | 4 hours, 25 minutes ago

Description : A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of the patch is 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and “crashy”. Further analysis has shown “the race is not a real problem unless you use asan”. An additional warning regarding threading support has been added.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-48997 – Multer DoS Denial of Service Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

Apple’s App Store shaken: Court ends ‘Apple tax’ on external purchases

Dell is getting rid of its Precision PCs. Here’s what will replace them.

Cisco Confirms Multiple Products Impacted by Erlang/OTP SSH Server RCE Vulnerability

LifelongAgentBench: A Benchmark for Evaluating Continuous Learning in LLM-Based Agents

CVE-2025-5657 – PHPGurukul Complaint Management System SQL Injection Vulnerability

CVE-2025-5641 – “Radare2 Memory Corruption Vulnerability in r_cons_is_breaked Function”

Designing for people: What architecture can learn from UX

Universal Design for Visual Disabilities in Healthcare – The Importance of Braille – 12

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

CVE-2025-48997 – Multer DoS Denial of Service Vulnerability

Related Posts