CVE-2025-28381 – OpenC3 COSMOS Environment Variable Credential Leak

June 13, 2025

CVE ID : CVE-2025-28381

Published : June 13, 2025, 2:15 p.m. | 3 hours, 51 minutes ago

Description : A credential leak in OpenC3 COSMOS v6.0.0 allows attackers to access service credentials as environment variables stored in all containers.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-28382 – OpenC3 COSMOS Directory Traversal Vulnerability

Next Article CVE-2025-28380 – OpenC3 COSMOS XSS

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

DistroWatch Weekly, Issue 1130

Distribution Release: GParted Live 1.7.0-8

Distribution Release: CachyOS 250713

Most AI projects are abandoned – 5 ways to ensure your data efforts succeed

The details of TC39’s last meeting

The details of TC39’s last meeting

new Date(“wtf”) – How well do you know JavaScript’s Date class?

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

DistroWatch Weekly, Issue 1130

DistroWatch Weekly, Issue 1130

Distribution Release: GParted Live 1.7.0-8

Distribution Release: CachyOS 250713

CVE-2025-28381 – OpenC3 COSMOS Environment Variable Credential Leak

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

NetSPI Details Multiple Local Privilege Escalation Vulnerabilities in SonicWall NetExtender

Is Multimodal AI in Finance the Next Strategic Move for Growth?

CVE-2025-5139 – Qualitor Office365 File Command Injection Vulnerability

Words is a multilingual offline dictionary

Eureka – RESTful (Representational State Transfer) service

Overture Maps launches GERS, a system of unique IDs for global geospatial entities

AlphaFold 3 predicts the structure and interactions of all of life’s molecules

CVE-2025-4039 – PHPGurukul Rail Pass Management System SQL Injection

CVE-2025-28381 – OpenC3 COSMOS Environment Variable Credential Leak

Related Posts