CVE-2025-52574 – SysmonElixir File Reading Arbitrary File Disclosure

June 24, 2025

CVE ID : CVE-2025-52574

Published : June 24, 2025, 3:15 a.m. | 2 hours, 1 minute ago

Description : SysmonElixir is a system monitor HTTP service in Elixir. Prior to version 1.0.1, the /read endpoint reads any file from the server’s /etc/passwd by default. In v1.0.1, a whitelist was added that limits reading to only files under priv/data. This issue has been patched in version 1.0.1.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52971 – WordPress Cross-Site Request Forgery (CSRF)

Next Article CVE-2025-52560 – Kanboard Host Header Token Leak

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

Qodo launches CLI agent framework

Overture Maps launches GERS, a system of unique IDs for global geospatial entities

Microsoft Copilot is “pretty important” but customers still prefer ChatGPT — “OpenAI has done a tremendous job”

Will you sync your Windows 10 PC data to the cloud for free access to security updates beyond 2025?

Red Hat Enterprise Linux (RHEL) quietly released an official image for WSL — but most of us won’t be able to use it

Sam Altman says ChatGPT has evolved beyond a mere “Google replacement” — with ads potentially coming to users

What Are the PHP Trends in 2025

What Are the PHP Trends in 2025

Real-Time Observability for Node.js – Without Code Changes

Elevating API Automation: Exploring Karate as an Alternative to Rest-Assured

Microsoft Copilot is “pretty important” but customers still prefer ChatGPT — “OpenAI has done a tremendous job”

Microsoft Copilot is “pretty important” but customers still prefer ChatGPT — “OpenAI has done a tremendous job”

Will you sync your Windows 10 PC data to the cloud for free access to security updates beyond 2025?

Red Hat Enterprise Linux (RHEL) quietly released an official image for WSL — but most of us won’t be able to use it

CVE-2025-52574 – SysmonElixir File Reading Arbitrary File Disclosure

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Affordable 4o Image API for Fast Image Generation

CVE-2025-37780 – Linux Kernel Isofs Fid Handle Bytes Vulnerability

CVE-2025-28380 – OpenC3 COSMOS XSS

New Russian Cyber Threat ‘Laundry Bear’ Hits Western Targets

Kontainer is a GUI tool to manage Distrobox containers

Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool

See-Through Parallel Universes with Your Mind’s Eye – The Course Guidebook: Chapter 8

CVE-2025-50143 – Apache HTTP Server Remote Command Execution Vulnerability

CVE-2025-52574 – SysmonElixir File Reading Arbitrary File Disclosure

Related Posts