CVE-2025-51387 – GitKraken Desktop Node.js Code Injection Vulnerability

August 4, 2025

CVE ID : CVE-2025-51387

Published : Aug. 4, 2025, 9:15 p.m. | 2 hours, 28 minutes ago

Description : The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be executed in Node.js mode, enabling attackers to pass arguments that result in arbitrary code execution.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8526 – Exrick xBoot Unrestricted File Upload Vulnerability

Next Article CVE-2025-50754 – Unisite CMS Stored XSS

Highlights

CVE-2025-5563 – WordPress WP-Addpub SQL Injection Vulnerability

June 6, 2025

CVE ID : CVE-2025-5563

Published : June 6, 2025, 7:15 a.m. | 33 minutes ago

Description : The WP-Addpub plugin for WordPress is vulnerable to SQL Injection via the ‘wp-addpub’ shortcode in all versions up to, and including, 1.2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Automating Design Systems: Tips And Resources For Getting Started

OpenAI releases two open weight reasoning models

Accelerate tool adoption with a developer experimentation framework

UX Job Interview Helpers

Yes, you can edit video like a pro on Linux – here are my 4 go-to apps

I tried Perplexity’s new reservation feature, and it surprised me with new dining spots to try

Your Samsung TV is getting a huge feature upgrade – 3 AI tools launching right now

This multi-card reader is one of the best investments I’ve made for my creative workflow

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Record and Replay Requests With Laravel ChronoTrace

How to Write Media Queries in Optimizely Configured Commerce (Spire)

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Canon imageFORMULA R40 Driver for Windows 11, 10 (Download)

Microsoft to End Support for Visual Studio 2015 This October

CVE-2025-51387 – GitKraken Desktop Node.js Code Injection Vulnerability

ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

8 Best Free and Open Source Diary Software

How to configure JMeter to dynamically read data from one of multiple CSV files based on load distribution?

CVE-2025-53786 – Microsoft Exchange Server Hybrid Deployment Authentication Bypass Vulnerability

Cisco waarschuwt voor kritieke kwetsbaarheden Cisco ISE en Cisco ISE-PIC

CVE-2025-5563 – WordPress WP-Addpub SQL Injection Vulnerability

Assiio fir nertoxize services

Set up an AI-powered Laravel Development Environment with Claude Code and MCP Servers

RoR-Bench: Revealing Recitation Over Reasoning in Large Language Models Through Subtle Context Shifts

CVE-2025-51387 – GitKraken Desktop Node.js Code Injection Vulnerability

Related Posts