CVE-2025-8760 – INSTAR fcgi_server Buffer Overflow Vulnerability

August 13, 2025

CVE ID : CVE-2025-8760

Published : Aug. 13, 2025, 7:15 a.m. | 18 hours, 1 minute ago

Description : A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-55345 – Codex Symlink File Overwrite RCE

Next Article CVE-2025-6184 – Tutor LMS Pro WordPress SQL Injection Vulnerability

Highlights

CVE-2025-53927 – MaxKB Directory Traversal (Command Execution)

July 17, 2025

CVE ID : CVE-2025-53927

Published : July 17, 2025, 2:15 p.m. | 16 minutes ago

Description : MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue.

Severity: 4.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

Google’s coding agent Jules gets critique functionality

The best smartphones without AI features in 2025: Expert tested and recommended

GPT-5 was supposed to simplify ChatGPT but now it has 4 new modes – here’s why

Gemini just got two of ChatGPT’s best features – and they’re free

The HP OmniBook 5 laptop offers 34 hours of battery life – and it’s 60% off today only

Laravel Boost is released

Laravel Boost is released

Frontend Standards for Optimizely Configured Commerce: Clean & Scalable Web Best Practices

Live Agent Escalation in Copilot Studio Using D365 Omnichannel – Architecture and Use Case

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

You Think You Need a Monster PC to Run Local AI, Don’t You? — My Seven-Year-Old Mid-range Laptop Says Otherwise

8 Registry Tweaks that will Make File Explorer Faster and Easier to Use on Windows 11

CVE-2025-8760 – INSTAR fcgi_server Buffer Overflow Vulnerability

How the always-on generation can level up its cybersecurity game

Supply-chain dependencies: Check your resilience blind spot

CVE-2025-49790 – Apache HTTP Server Unvalidated User Input

CVE-2025-47227 – Netmake ScriptCase Authentication Bypass

CVE-2025-53887 – Directus OpenAPI Spec Version Disclosure

CVE-2022-21138 – Apache Struts Remote Code Execution Vulnerability

CVE-2025-53927 – MaxKB Directory Traversal (Command Execution)

Redis Reintroduces Open-Source AGPL Alongside SSPL Licensing

CVE-2025-6305 – Code-projects Online Shoe Store SQL Injection Vulnerability

Deno 2.4: deno bundle is back

CVE-2025-8760 – INSTAR fcgi_server Buffer Overflow Vulnerability

Related Posts