Raydium CP Swap: Unchecked Account Allows Creator Fee Hijacking – Full Disclosure
Posted by LRKTBEYK LRKTBEYK on Dec 17
I tried to report these vulnerabilities to ImmuneFi, but they closed it (report 62070) as “out of scope.” I believe them when they tell me something is out of scope, so now it’s public.
https://github.com/raydium-io/raydium-cp-swap/pull/62
These vulnerabilities collectively enable fee theft, creator fee hijacking, and potential user …
Posted by Egidio Romano on Dec 17
------------------------------------------------------------------------------------
Control Web Panel <= 0.9.8.1208 (admin/index.php) OS Command Injection Vulnerability
------------------------------------------------------------------------------------
[-] Software Link: https://control-webpanel.com
[-] Affected Versions: Version 0.9.8.1208 and prior versions.
[-] Vulnerability Description: User input passed via the “key” GET…
CyberDanube Security Research 20251215-0 | Multiple Vulnerabilities in Phoenix Contact FL Switch Series – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 17
CyberDanube Security Research 20251215-0
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| FL Switch
vulnerable version| 3.40
fixed version| TODO
CVE number| CVE-2025-41692, CVE-2025-41693, CVE-2025-41694,
| CVE-2025-41695, CVE-2025-41696, CVE-2025-41697,
| CVE-2025-41745,…