Vulnerability Analysis
CVE-2024-4367 PDF.js Arbitrary Code Execution
CVE-2024-4367 is a PDF.js code-execution flaw via font handling that affects Firefox, Thunderbird, and every embedder. Root cause and remediation.
Mar 14, 20268 min read
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
CVE-2024-4367 is a PDF.js code-execution flaw via font handling that affects Firefox, Thunderbird, and every embedder. Root cause and remediation.
A .library-ms file extracted from a zip archive can leak NTLM hashes without the user opening anything. Breakdown of CVE-2025-24071 and the defensive response.
CVE-2024-29849 is a CVSS 9.8 auth bypass in Veeam Backup Enterprise Manager. Root cause, exploitation, detection, and patching guidance.
IngressNightmare - CVE-2025-1974 in Kubernetes ingress-nginx - gave unauthenticated attackers cluster-wide RCE. Here is how it worked and what to harden now.
CVE-2024-32002 is a Git submodule RCE triggered by a recursive clone on case-insensitive filesystems. Root cause, exploit, and remediation.
CVE-2024-21413 is a critical Outlook Moniker Link RCE that bypasses Protected View via a crafted file URL. Root cause, exploitation, and detection.
Cleo's Harmony, VLTrader, and LexiCom carried an unauthenticated RCE that Clop abused for mass data theft. Here is the technical breakdown and the defender's takeaway.
CVE-2024-23897 is a Jenkins CLI arbitrary file-read flaw that leaks secrets and enables RCE chains. Root cause, exploitation, and patch guidance.
A technical breakdown of CVE-2024-45519, the unauthenticated RCE in Zimbra's postjournal service, how it was exploited in the wild, and what defenders should take away.
Weekly insights on software supply chain security, delivered to your inbox.