13 articles
Background Portainer treats every blob flagged as a symbolic link (mode 0o120000) as an OS symlink during auto‑update cycles, allowing attackers to craft malicious docker‑compose.yml entries that leverage symlink injection to bypass intended security boundaries. Technical Deep Dive The vulnerability stems from how Portainer processes Git repositories
Edgerunner
3 min read
Background In 2025, 68% of enterprises deployed new microservices without implementing rate limiting, allowing attackers to brute‑force endpoints within hours. This trend has turned APIs into the primary interface through which modern organizations expose data and functionality to internal systems, partners, and end users. What once started as a
Edgerunner
10 min read
Security teams focus on public REST endpoints but ignore internal services, shadow APIs, and legacy integrations still running in production. This deep dive reveals why those hidden surfaces are being exploited while you scan the wrong ports.
Edgerunner
6 min read
CVE-2026-41176 exposes Rclone's RC endpoint, allowing attackers to modify runtime configurations without authentication. This vulnerability enables data exfiltration and pivot attacks on cloud infrastructure. Secure your S3-compatible object stores immedi
Edgerunner
4 min read
The critical hostname normalization vulnerability in Axios represents a sophisticated attack surface. Unlike typical SSRF, this flaw allows precise DNS control with unexpected persistence. Security professionals deploying API gateways need detailed guidan
Edgerunner
3 min read
The testing interface in FastGPT versions before 4.14.9.5 creates dangerous attack opportunities. Security teams often overlook development-stage exposures that quickly become critical production vulnerabilities.
Edgerunner
3 min read
Background The security landscape has shifted dramatically over the past two years. What began as a niche concern about API hygiene has exploded into one of the most persistent attack vectors we face today. Consider the timing: three major vulnerabilities in SiYuan—CVE-2026-33669, CVE-2026-33670, and the related file-traversal flaw—emerged
Edgerunner
3 min read
CVE-2026-33670 allows attackers to expose files through SiYuan's API. This isn't an isolated issue but part of a troubling trend in knowledge management system security. Security teams must understand and mitigate this risk urgently.
Edgerunner
3 min read
CVE-2026-33942 exposes Saloon's dangerous authentication pattern that could let attackers pivot into your application. Security teams need to understand risks and implement urgent mitigation before exploitation.
Edgerunner
3 min read
Background Technical Deep Dive The DomainZones.add endpoint in Froxlor's API exposes a subtle but dangerous design flaw in how customer-submitted DNS zone data is processed. At a high level, this is a classic case of insufficient input validation on a privileged API surface. GET /api/json.php?
Edgerunner
2 min read
APIs are the silent vulnerability in AI adoption. Learn the risks and strategies to secure your API ecosystem. Read now.
Edgerunner
6 min read
CISA KEV alerts on critical Craft CMS and Laravel Livewire vulnerabilities. Learn how to secure your installations now.
Edgerunner
5 min read
