CVE-2025-49618 – “Plesk Obsidian AWS Credentials Disclosure”

July 3, 2025

CVE ID : CVE-2025-49618

Published : July 3, 2025, 1:15 p.m. | 1 hour, 41 minutes ago

Description : In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint.

Severity: 5.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43713 – ASNA Assist and ASNA Registrar Deserialization Vulnerability

Next Article CVE-2025-49595 – n8n Denial of Service (DoS) Vulnerability

Highlights

CVE-2025-55012 – Zed Agent Panel Remote Code Execution Permissions Bypass

August 11, 2025

CVE ID : CVE-2025-55012

Published : Aug. 11, 2025, 10:15 p.m. | 1 hour, 53 minutes ago

Description : Zed is a multiplayer code editor. Prior to version 0.197.3, in the Zed Agent Panel allowed for an AI agent to achieve Remote Code Execution (RCE) by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vulnerability to create or modify a project-specific configuration file, leading to the execution of arbitrary commands on a victim’s machine without the explicit approval that would otherwise be required. This vulnerability has been patched in version 0.197.3. A workaround for this issue involves either avoid sending prompts to the Agent Panel, or to limit the AI Agent’s file system access.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

Looking to Outsource React.js Development? Here’s What Top Agencies Are Doing Right

Beyond The Hype: What AI Can Really Do For Product Design

BrowserStack launches Chrome extension that bundles 10+ manual web testing tools

How much RAM does your Linux PC really need in 2025?

Have solar at home? Supercharge that investment with this other crucial component

I replaced my MacBook charger with this compact wall unit – and wish I’d done it sooner

5 reasons to switch to an immutable Linux distro today – and which to try first

Sentry Adds Logs Support for Laravel Apps

Sentry Adds Logs Support for Laravel Apps

Efficient Context Management with Laravel’s Remember Functions

Laravel Devtoolbox: Your Swiss Army Knife Artisan CLI

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

We gave OpenAI’s open-source AI a kid’s test — here’s what happened

With GTA 6, next-gen exclusives, and a console comeback on the horizon, Xbox risks sitting on the sidelines — here’s why

CVE-2025-49618 – “Plesk Obsidian AWS Credentials Disclosure”

Workday Staff Fall to Social Engineering; Hackers Access Third-Party CRM Platform

Get Ready for the Black Hat USA 2025 CISO Podcast Series from The Cyber Express and Suraksha Catalyst

Virtual Try On AI software for fashion

Life in 3280: Inside the Dome Cities, Cyborg Aristocracy & the Galactic Peace We Never Imagined

CVE-2025-5911 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

We got Markdown in Notepad before GTA VI

CVE-2025-55012 – Zed Agent Panel Remote Code Execution Permissions Bypass

CVE-2025-6332 – PHPGurukul Directory Management System SQL Injection

Welcome to Maintainer Month: Events, exclusive discounts, and a new security challenge

re: The Industrialization of IT

CVE-2025-49618 – “Plesk Obsidian AWS Credentials Disclosure”

Related Posts