CVE-2025-46736 – Umbraco Account Existence Disclosure

May 6, 2025

CVE ID : CVE-2025-46736

Published : May 6, 2025, 5:16 p.m. | 2 hours, 19 minutes ago

Description : Umbraco is a free and open source .NET content management system. Prior to versions 10.8.10 and 13.8.1, based on an analysis of the timing of post login API responses, it’s possible to determine whether an account exists. The issue is patched in versions 10.8.10 and 13.8.1. No known workarounds are available.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4041 – Optigo Networks ONS NC600 Command Injection Vulnerability

Next Article CVE-2025-46735 – Terraform WinDNS Provider Authenticated Command Injection

Highlights

CVE-2025-48374 – Zot Keycloak Client Secret Disclosure

May 22, 2025

CVE ID : CVE-2025-48374

Published : May 22, 2025, 9:15 p.m. | 1 hour, 36 minutes ago

Description : zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. Prior to version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f), when using Keycloak as an oidc provider, the clientsecret gets printed into the container stdout logs for an example at container startup. Version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f) fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

AI Giant With Highest Staff Retention Rate Is Not Google or Meta

5 ways business leaders can transform workplace culture – and it starts by listening

My 4 favorite image editing apps on Linux – and two are free Photoshop alternatives

How Google’s Genie 3 could change AI video – and let you build your own interactive worlds

Establishing Consistent Data Foundations with Laravel’s Database Population System

Establishing Consistent Data Foundations with Laravel’s Database Population System

Generate Postman Collections from Laravel Routes

This Week in Laravel: Free Laravel Idea, Laracon News, and More

Microsoft Copilot quietly tests ChatGPT Connectors feature, lets you view OneDrive content

Microsoft Copilot quietly tests ChatGPT Connectors feature, lets you view OneDrive content

Debian 13 “Trixie” Released After 2 Years of Development

HandBrake 1.10 Released with Discord-Friendly 10MB Presets

CVE-2025-46736 – Umbraco Account Existence Disclosure

CVE-2025-54997 – OpenBao Audit Subsystem Privilege Escalation

CVE-2025-55013 – Assemblyline 4 Service Client Path Traversal Vulnerability

This phenomenal gaming headset proves some companies DO listen to us — and it’s totally awesome when they do

CVE-2025-46093 – LiquidFiles FTP SETUID Setgid Remote Command Execution

CVE-2025-54443 – Samsung MagicINFO 9 Server Path Traversal Vulnerability

The Most Underrated UX Skill No One Talks About

CVE-2025-48374 – Zot Keycloak Client Secret Disclosure

DistroWatch Weekly, Issue 1117

Controversia sulla paternità del codice Rust per il sottosistema DRM nel kernel Linux

CVE-2025-5055 – WordPress Smart Forms Stored Cross-Site Scripting

CVE-2025-46736 – Umbraco Account Existence Disclosure

Related Posts