CVE-2024-7586 – GitLab EE Webhook Deletion Audit Log Authentication Credentials Disclosure

June 20, 2025

CVE ID : CVE-2024-7586

Published : June 20, 2025, 2:15 p.m. | 28 minutes ago

Description : An issue was discovered in GitLab EE affecting all versions starting from 17.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, where webhook deletion audit log preserved auth credentials.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-32875 – COROS Bluetooth Pairing and Bonding Unencrypted Data Exfiltration

Next Article CVE-2024-53298 – Dell PowerScale OneFS NFS Export Missing Authorization Vulnerability

Highlights

CVE-2025-5411 – Mist Community Edition Cross-Site Scripting Vulnerability

June 1, 2025

CVE ID : CVE-2025-5411

Published : June 1, 2025, 11:15 p.m. | 4 hours, 5 minutes ago

Description : A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic. This issue affects the function tag_resources of the file src/mist/api/tag/views.py. The manipulation of the argument tag leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The patch is named db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

Meet Accessible UX Research, A Brand-New Smashing Book

I’ve tested dozens of robot vacuums. These are the three I recommend most to family and friends

These apps are quietly draining your phone battery – how to find and shut them down

184 million passwords for Google, Microsoft, Facebook, and more leaked in massive data breach

I tested the world’s thinnest SSD enclosure – here’s why it’s the perfect PC accessory for me

Importance of Performance Adaptation in Frontend Development

Importance of Performance Adaptation in Frontend Development

Proactive, Not Reactive – The Key to Inclusive and Accessible Design

Reset Rate Limits Dynamically with Laravel’s clear Method

Stage – Git GUI client for Linux desktops

Stage – Git GUI client for Linux desktops

Edit: L’editor di testo a riga di comando di Microsoft anche per GNU/Linux

Splitcat – split and merge files

CVE-2024-7586 – GitLab EE Webhook Deletion Audit Log Authentication Credentials Disclosure

CVE-2025-4981 – Mattermost File Upload Path Traversal and RCE Vulnerability

CVE-2025-6332 – PHPGurukul Directory Management System SQL Injection

How to Use Git and Git Bash Locally: A Comprehensive Guide

CVE-2025-2762 – CarlinKit CPC200-CCPA Root of Trust Failure Privilege Escalation Vulnerability

ChatGPT Now Recommends Products and Prices With New Shopping Features

Microsoft Edge’s Quiet Shift to AVIF: Why It Matters

CVE-2025-5411 – Mist Community Edition Cross-Site Scripting Vulnerability

Closing your Apple Watch rings can lower less stress, improve sleep – and win you prizes

CAINE – live Linux distribution for digital forensics

Update PyTorch ASAP | Kaspersky official blog

CVE-2024-7586 – GitLab EE Webhook Deletion Audit Log Authentication Credentials Disclosure

Related Posts