#web

#### Description This advisory follows the security advisory [GHSA-79w7-vh3h-8g4j published by the _yt-dlp/yt-dlp_ project](https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-79w7-vh3h-8g4j) to aid remediation of the issue in the _ytdl-org/youtube-dl_ project. ### Vulnerability _youtube-dl_ does not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder (and path traversal on Windows). ### Impact Since _youtube-dl_ also reads config from the working directory (and, on Windows, executables will be executed from the _youtube-dl_ directory by default) the vulnerability could allow the unwanted execution of local code, including downloads masquerading as, eg, subtitles. ### Patches The versions of _youtube-dl_ listed as _Patched_ remediate this vulnerability by disallowing path separators and whitelisting allowed extensions. As a result, some very uncommon extensions might not get downloaded. ### Workarounds Any/al...

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the author parameter under the Create/Modify article function.

Check out the top OSINT tools of 2025, an updated list featuring the best free and paid open-source…

Text scams come in many forms and are an ever increasing threat doing an awful lot of financial, and other, damage

### Impact Web pages and web extensions using `ses` and the `Compartment` API to evaluate third-party code in an isolated execution environment that have also elsewhere used `const`, `let`, and `class` bindings in the top-level scope of a `<script>` tag will have inadvertently revealed these bindings in the lexical scope of third-party code. ### Patches This compromise is addressed in `ses` version `1.12.0`. The mechanism for confining third-party code involves a `with` block and a semi-opaque scope `Proxy`. The proxy previously revealed any named property to the surrounding lexical scope if it were absent on `globalThis`, so that the third-party code would receive an informative `ReferenceError`, relying on the invalid assumption that only properties of `globalThis` are in the top-level lexical scope. The solution makes the scope proxy fully opaque. Consequently, accessing an unbound free lexical name will produce `undefined` instead of throwing `ReferenceError`. Assigning to an un...

Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot into Salesforce. No big deal—until it is. If this sounds familiar, you're not alone. Most security teams are already behind in detecting how AI tools are quietly reshaping their SaaS environments. And

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the `=IF(A1=200, eval("__import__('os').system(` substring.

Researchers reveal a large-scale ransomware campaign leveraging over 1,200 stolen AWS access keys to encrypt S3 buckets. Learn…

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Sage series Vulnerabilities: Out-of-bounds Write, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Incorrect Default Permissions, Unchecked Return Value, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise the impacted device, leading to loss of data, loss of operation, or impacts to the performance of the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports that the following products are affected: Sage 1410: Versions C3414-500-S02K5_P8 and prior Sage 1430: Versions C3414-500-S02K5_P8 and prior Sage 1450: Versions C3414-500-S02K5_P8 and prior Sage 2400: Versions C3414-500-S02K5_P8 and prior Sage 4400: Versions C3414-500-S02K5_P8 and prior Sage 3030 Magnum: V...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: ConneXium Network Manager Vulnerabilities: Files or Directories Accessible to External Parties, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data, escalate privileges, or perform remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports that the following products are affected: Schneider Electric ConneXium Network Manager: Version 2.0.01 (CVE-2025-2222) Schneider Electric ConneXium Network Manager: All versions (CVE-2025-2223) 3.2 VULNERABILITY OVERVIEW 3.2.1 FILES OR DIRECTORIES ACCESSIBLE TO EXTERNAL PARTIES CWE-552 CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and potential privilege escalation following a Man-In-The-Middle attack. CVE-2025-2222 has b...