NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

May 17, 2025

We’re excited to share the latest N|Solid Runtime release for May 2025.

Source: Read MoreÂ

javascript

Previous ArticleBig Changes at Meteor Software: Our Next Chapter

Next Article Microsoft confirms KB5058379 BitLocker bug crashes Windows 10, wants recovery key

Highlights

CVE-2025-53358 – Kotaemon Local File Inclusion Directory Traversal Vulnerability

July 2, 2025

CVE ID : CVE-2025-53358

Published : July 2, 2025, 4:15 p.m. | 3 hours, 27 minutes ago

Description : kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the index_fn method accepts both URLs and local file paths without validation. The pipeline streams these paths directly and stores them, enabling attackers to traverse directories (e.g. ../../../../../.env) and exfiltrate sensitive files. This issue has been patched via commit 37cdc28, in version 0.10.7 which has not been made public at time of publication.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

Most AI projects are abandoned – 5 ways to ensure your data efforts succeed

How agentic AI is transforming the very foundations of business strategy

The best Xbox and PC headset I’ve used for the last couple years is on sale

These 5 free add-ons make Minecraft Bedrock Edition feel brand new

The details of TC39’s last meeting

The details of TC39’s last meeting

new Date(“wtf”) – How well do you know JavaScript’s Date class?

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

Word for the Web Finally Gets Proper Header and Footer Editing

Word for the Web Finally Gets Proper Header and Footer Editing

Windows 11 Build 27898 Adds Small Taskbar Icons, Quick Recovery, Smarter Sharing

Windows 11 Build 27898 Bug Brings Back Classic Vista Startup Sound, Again

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

Experiment with Gemini 2.0 Flash native image generation

Introducing Gemma 3

CVE-2025-4786 – SourceCodester Oretnom23 Stock Management System SQL Injection

MongoDB: Gateway to Open Finance and Financial Data Access

Elpher is a gopher and gemini client for Emacs

Driverless cars ‘could be hacked’ warns Institute of Engineering and Technology

CVE-2025-53358 – Kotaemon Local File Inclusion Directory Traversal Vulnerability

CVE-2025-3577 – Zyxel AMG1302-T10B Path Traversal Vulnerability

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

Unlocking the Power of MLflow 3.0 in Databricks for GenAI

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

Related Posts