CVE-2025-48024 – BlueWave Checkmate Sensitive Data Disclosure

May 15, 2025

CVE ID : CVE-2025-48024

Published : May 15, 2025, 5:15 a.m. | 3 hours, 31 minutes ago

Description : In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-13914 – “WordPress File Manager Advanced Shortcode Local File Inclusion Vulnerability”

Next Article CVE-2025-3053 – “UiPress Lite WordPress Remote Code Execution Vulnerability”

Highlights

CVE-2025-6709 – MongoDB OIDC Date Denial of Service

June 26, 2025

CVE ID : CVE-2025-6709

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON input when using OIDC authentication. This can be reproduced using the mongo shell to send a malicious JSON payload leading to an invariant failure and server crash. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5.

The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Never Stop Exploring (July 2025 Wallpapers Edition)

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

I never thought I’d praise a kickstand power bank – until I tried this one

I replaced my work PC with this Alienware laptop – now I’m wondering why I hadn’t done this sooner

How to set up Alexa to receive notifications on Prime Day deals you want

How proxy servers actually work, and why they’re so valuable

What’s the difference between named functions and arrow functions in JavaScript?

What’s the difference between named functions and arrow functions in JavaScript?

Spring Boot + Swagger: A Complete Guide to API Documentation

Wire Room Math: AI + SME = (Less Compensation Paid) X (Headline Risk + Payment Errors)^2

Artix Linux: Introduzione di XLibre nelle Build Sperimentali

Artix Linux: Introduzione di XLibre nelle Build Sperimentali

Orange Pi R2S Single Board Computer Running Linux: Introduction

vmstat – reports virtual memory statistics

CVE-2025-48024 – BlueWave Checkmate Sensitive Data Disclosure

⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

Affordable cybersecurity for SMBs in the midwest

CVE-2025-5310 – Dover Fueling Solutions ProGauge MagLink LX Consoles Unauthenticated Remote Code Execution

Chrome Update Alert: Two High-Severity Flaws (CVE-2025-6191, CVE-2025-6192) Patched

Apple Appeals App Store Ruling in Epic Games Case

CVE-2025-6709 – MongoDB OIDC Date Denial of Service

Microsoft now closes its Sydney-based offline store

TypeBridge – zero ceremony, compile time rpc for client and server com

CVE-2025-6864 – SeaCMS Cross-Site Request Forgery Vulnerability

CVE-2025-48024 – BlueWave Checkmate Sensitive Data Disclosure

Related Posts