CVE-2025-50706 – Apache ThinkPHP Remote Code Execution Vulnerability

August 5, 2025

CVE ID : CVE-2025-50706

Published : Aug. 5, 2025, 3:15 p.m. | 8 hours, 26 minutes ago

Description : An issue in thinkphp v.5.1 allows a remote attacker to execute arbitrary code via the routecheck function

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-50707 – ThinkPHP3 Remote Code Execution Vulnerability

Next Article CVE-2025-54987 – Trend Micro Apex One Remote Code Execution Vulnerability

Highlights

CVE-2025-54429 – Polkadot Frontier CallableByContract AddressType Vulnerability

July 28, 2025

CVE ID : CVE-2025-54429

Published : July 28, 2025, 9:15 p.m. | 3 hours, 22 minutes ago

Description : Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. There are various account address types in Frontier, e.g. precompiled contracts, smart contracts, and externally owned accounts. Some EVM mechanisms should be unreachable by certain types of accounts for safety. For precompiles to be callable by smart contracts they must be explicitly configured as CallableByContract. If this configuration is absent, then the precompile should be unreachable via smart contract accounts. In commits prior to 0822030, the underlying implementation of CallableByContract which returned the AddressType was incorrect. It considered the contract address running under CREATE or CREATE2 to be AddressType::EOA rather than correctly as AddressType::Contract. The issue only affects users who use custom precompile implementations that utilize AddressType::EOA and AddressType::Contract. It’s not directly exploitable in any of the predefined precompiles in Frontier. This is fixed in version 0822030.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-50706 – Apache ThinkPHP Remote Code Execution Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2025-43857 – Net::IMAP Denial of Service Memory Exhaustion Vulnerability

Cyberattack Hits Nova Scotia Power: Customer Data Compromised

CVE-2025-1573 – Apache Struts Remote Code Execution Vulnerability

CVE-2025-3460 – Quantenna Wi-Fi Command Injection Vulnerability

CVE-2025-54429 – Polkadot Frontier CallableByContract AddressType Vulnerability

Is ABC Classification a thing of the past?

Elevate business productivity with Amazon Q and Amazon Connect

Roku clarifies that it’s not rolling out new pause ads after all

CVE-2025-50706 – Apache ThinkPHP Remote Code Execution Vulnerability

Related Posts