CVE-2025-28389 – OpenC3 COSMOS Password Bypass Vulnerability

June 13, 2025

CVE ID : CVE-2025-28389

Published : June 13, 2025, 2:15 p.m. | 3 hours, 51 minutes ago

Description : Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-36631 – Tenable Agent Local Privilege Escalation

Next Article CVE-2025-28388 – OpenC3 COSMOS Hardcoded Credentials Vulnerability

Highlights

CVE-2025-5051 – FreeFloat FTP Server Buffer Overflow Vulnerability

May 21, 2025

CVE ID : CVE-2025-5051

Published : May 21, 2025, 8:15 p.m. | 26 minutes ago

Description : A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-28389 – OpenC3 COSMOS Password Bypass Vulnerability

CVE-2025-28380 – OpenC3 COSMOS XSS

CVE-2025-28381 – OpenC3 COSMOS Environment Variable Credential Leak

Fedora Linux è ora una distribuzione WSL ufficiale

Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware!

CVE-2023-41839 – Apache Struts Unvalidated Redirect to Malicious Site

8 simple ways Mac users can better protect their privacy

CVE-2025-5051 – FreeFloat FTP Server Buffer Overflow Vulnerability

CVE-2025-3455 – WordPress 1 Click Migration Plugin Remote File Upload Vulnerability

CVE-2025-47780 – Asterisk CLI Permissions Bypass Vulnerability

Novel AI model inspired by neural dynamics from the brain

CVE-2025-28389 – OpenC3 COSMOS Password Bypass Vulnerability

Related Posts