ZeroPath at Black Hat USA 2026

ZeroPath Blog & Research

Explore our team's latest research and stay up to date with ZeroPath's capabilities.
Malicious npm Supply Chain Attack: Deep Technical Dive into CVE-2025-54313 in eslint-config-prettier
CVE Analysis

2025-07-19

12 min read

Malicious npm Supply Chain Attack: Deep Technical Dive into CVE-2025-54313 in eslint-config-prettier

A sophisticated supply chain attack compromised eslint-config-prettier npm package versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7, embedding malware that targets Windows systems. This post provides a detailed technical breakdown of CVE-2025-54313, including attack vectors, affected versions, and actionable mitigation strategies for security professionals.

ZeroPath Security Research

ZeroPath Security Research

Privilege Escalation in Azure DevOps: Deep Dive into CVE-2025-47158 Authentication Bypass
CVE Analysis

2025-07-18

7 min read

Privilege Escalation in Azure DevOps: Deep Dive into CVE-2025-47158 Authentication Bypass

A critical authentication bypass in Azure DevOps (CVE-2025-47158) exposes organizations to privilege escalation and unauthorized access. We analyze the technical root cause, affected versions, and provide actionable patch guidance.

ZeroPath Security Research

ZeroPath Security Research

Azure Machine Learning CVE-2025-49746: Critical Privilege Escalation via Improper Authorization
CVE Analysis

2025-07-18

7 min read

Azure Machine Learning CVE-2025-49746: Critical Privilege Escalation via Improper Authorization

A critical flaw in Azure Machine Learning (CVE-2025-49746) enables authorized attackers to escalate privileges over the network due to improper authorization checks. We break down the technical details, affected versions, and Microsoft's patch response.

ZeroPath Security Research

ZeroPath Security Research

CrushFTP CVE-2025-54309: Critical AS2 Validation Flaw Enables Admin Takeover via HTTPS
CVE Analysis

2025-07-18

8 min read

CrushFTP CVE-2025-54309: Critical AS2 Validation Flaw Enables Admin Takeover via HTTPS

A critical flaw in CrushFTP's AS2 validation (CVE-2025-54309) allows remote attackers to gain admin access via HTTPS when the DMZ proxy is not enabled. This post provides a deep technical breakdown, affected versions, patch guidance, and vendor security context.

ZeroPath Security Research

ZeroPath Security Research

Node.js v24 HashDoS (CVE-2025-27209): How a V8 Hashing Change Reopened a Classic DoS Attack
CVE Analysis

2025-07-18

11 min read

Node.js v24 HashDoS (CVE-2025-27209): How a V8 Hashing Change Reopened a Classic DoS Attack

A critical flaw in Node.js v24.x's V8 engine exposes applications to devastating HashDoS attacks. We dissect the technical root cause, real-world impact, and the urgent patch path for defenders.

ZeroPath Security Research

ZeroPath Security Research

Node.js Path Traversal on Windows: CVE-2025-27210 Exploited with Device Names (PoC Inside)
CVE Analysis

2025-07-18

12 min read

Node.js Path Traversal on Windows: CVE-2025-27210 Exploited with Device Names (PoC Inside)

A critical path traversal flaw in Node.js (CVE-2025-27210) enables attackers to bypass directory protections on Windows using reserved device names like CON, PRN, and AUX. This post dissects the vulnerability, provides a real-world PoC, and details patching strategies for defenders.

ZeroPath Security Research

ZeroPath Security Research

Privilege Escalation in Azure Machine Learning: Dissecting CVE-2025-49747's Missing Authorization Flaw
CVE Analysis

2025-07-18

9 min read

Privilege Escalation in Azure Machine Learning: Dissecting CVE-2025-49747's Missing Authorization Flaw

A critical authorization flaw in Azure Machine Learning (CVE-2025-49747) enables privilege escalation by authenticated attackers. We break down the technical root cause, affected versions, and Microsoft's patch response for security teams.

ZeroPath Security Research

ZeroPath Security Research

Privilege Escalation Unlocked: CVE-2025-53762 in Microsoft Purview (Permissive Input List Flaw)
CVE Analysis

2025-07-18

9 min read

Privilege Escalation Unlocked: CVE-2025-53762 in Microsoft Purview (Permissive Input List Flaw)

A deep technical analysis of CVE-2025-53762, a privilege escalation vulnerability in Microsoft Purview caused by an overly permissive allow-list. We break down the root cause, exploitation vectors, patch details, and Microsoft's security response.

ZeroPath Security Research

ZeroPath Security Research

LoginPress Pro CVE-2025-7444: Critical Authentication Bypass and How to Detect and Patch It
CVE Analysis

2025-07-18

8 min read

LoginPress Pro CVE-2025-7444: Critical Authentication Bypass and How to Detect and Patch It

A critical authentication bypass in LoginPress Pro (CVE-2025-7444) exposes WordPress sites to admin takeover via flawed social login token validation. We break down the technical root cause, patch details, detection methods, and vendor history.

ZeroPath Security Research

ZeroPath Security Research

Critical PHP Object Injection in WordPress Google Sheets Integration Plugin (CVE-2025-7697): Technical Breakdown and Real-World Impact
CVE Analysis

2025-07-18

11 min read

Critical PHP Object Injection in WordPress Google Sheets Integration Plugin (CVE-2025-7697): Technical Breakdown and Real-World Impact

A critical PHP Object Injection vulnerability (CVE-2025-7697) in the 'Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms' WordPress plugin (≤1.1.1) allows unauthenticated attackers to exploit deserialization flaws, potentially leading to arbitrary file deletion or remote code execution. This post provides a detailed technical breakdown, affected versions, patch and detection guidance, and vendor security context.

ZeroPath Security Research

ZeroPath Security Research

Grafana CVE-2025-6023: Chained Open Redirect to XSS – Technical Breakdown and Patch Guidance
CVE Analysis

2025-07-18

9 min read

Grafana CVE-2025-6023: Chained Open Redirect to XSS – Technical Breakdown and Patch Guidance

A critical open redirect vulnerability (CVE-2025-6023) in Grafana OSS v11.5.0+ enables chained XSS attacks. This post provides a technical breakdown, patch details, detection methods, and vendor security context for security professionals.

ZeroPath Security Research

ZeroPath Security Research

Log4Shell Unleashed: Inside CVE-2021-44228 and the Log4j RCE Crisis
CVE Analysis

2025-07-17

30 min read

Log4Shell Unleashed: Inside CVE-2021-44228 and the Log4j RCE Crisis

Log4Shell (CVE-2021-44228) shattered the security status quo with a critical RCE in Apache Log4j 2.x, exposing global infrastructure to trivial exploitation. This post delivers a technical, actionable breakdown: from exploitation mechanics and PoC to patching, detection, and vendor response. Essential reading for defenders and incident responders.

ZeroPath Security Research

ZeroPath Security Research

Apache HTTP Server AJP Smuggling (CVE-2022-26377): Anatomy of a High-Impact Proxy Flaw
CVE Analysis

2025-07-17

14 min read

Apache HTTP Server AJP Smuggling (CVE-2022-26377): Anatomy of a High-Impact Proxy Flaw

A deep technical analysis of CVE-2022-26377, an HTTP request smuggling flaw in Apache HTTP Server's mod_proxy_ajp module. We dissect the vulnerability's mechanics, affected versions, detection strategies, and patching guidance for security teams.

ZeroPath Security Research

ZeroPath Security Research

Node.js HTTP Request Smuggling (CVE-2022-35256): Anatomy of a Parsing Flaw in llhttp
CVE Analysis

2025-07-17

9 min read

Node.js HTTP Request Smuggling (CVE-2022-35256): Anatomy of a Parsing Flaw in llhttp

A deep technical analysis of CVE-2022-35256, a request smuggling vulnerability in Node.js's llhttp parser. We dissect the parsing flaw, affected versions, real-world impact, and the precise patch that closes the door on this attack vector.

ZeroPath Security Research

ZeroPath Security Research

MOVEit Transfer CVE-2023-34362: Anatomy of a Critical SQL Injection and Real-World Exploitation
CVE Analysis

2025-07-17

18 min read

MOVEit Transfer CVE-2023-34362: Anatomy of a Critical SQL Injection and Real-World Exploitation

A critical SQL injection flaw in Progress MOVEit Transfer (CVE-2023-34362) enabled unauthenticated attackers to breach sensitive databases and deploy web shells, fueling a global ransomware campaign. This post dissects the technical exploitation, proof-of-concept, patch guidance, and detection strategies for defenders.

ZeroPath Security Research

ZeroPath Security Research

ReDoS in Chai’s get-func-name: CVE-2023-43646 Technical Analysis & PoC
CVE Analysis

2025-07-17

8 min read

ReDoS in Chai’s get-func-name: CVE-2023-43646 Technical Analysis & PoC

A critical ReDoS vulnerability (CVE-2023-43646) in Chai’s get-func-name module exposes Node.js and browser apps to denial of service via inefficient regex parsing. This post delivers a technical breakdown, PoC, patch details, and detection strategies for security teams.

ZeroPath Security Research

ZeroPath Security Research

Sophos Intercept X Updater LPE: Dissecting CVE-2024-13972’s Registry Permission Flaw
CVE Analysis

2025-07-17

8 min read

Sophos Intercept X Updater LPE: Dissecting CVE-2024-13972’s Registry Permission Flaw

A deep technical analysis of CVE-2024-13972, a critical local privilege escalation in Sophos Intercept X for Windows caused by insecure registry permissions during upgrades. We detail the vulnerability’s mechanism, affected versions, patch guidance, and detection strategies for defenders.

ZeroPath Security Research

ZeroPath Security Research

Rails ReDoS: CVE-2024-26142 and the Accept Header Parsing Flaw
CVE Analysis

2025-07-17

8 min read

Rails ReDoS: CVE-2024-26142 and the Accept Header Parsing Flaw

A critical flaw in Rails 7.1.x's Accept header parsing exposes applications to ReDoS attacks. We break down the technical root cause, affected versions, and the official patch that neutralizes this threat.

ZeroPath Security Research

ZeroPath Security Research

When Containers Break the Rules: CVE-2025-23267 in NVIDIA Container Toolkit and the Perils of Link Following
CVE Analysis

2025-07-17

13 min read

When Containers Break the Rules: CVE-2025-23267 in NVIDIA Container Toolkit and the Perils of Link Following

A critical flaw in NVIDIA's Container Toolkit (CVE-2025-23267) allows attackers to escape container boundaries and tamper with host files via a link following bug in the update-ldcache hook. This post dissects the technical root cause, affected versions, and how to patch before attackers strike.

ZeroPath Security Research

ZeroPath Security Research

Cache Poisoning Reloaded: Deep Dive into CVE-2025-4366 and Pingora's Request Smuggling Flaw
CVE Analysis

2025-07-17

12 min read

Cache Poisoning Reloaded: Deep Dive into CVE-2025-4366 and Pingora's Request Smuggling Flaw

A high-severity request smuggling vulnerability in Cloudflare's Pingora proxy framework (CVE-2025-4366) exposes HTTP/1.1 cache users to unauthorized request execution and cache poisoning. This technical analysis unpacks the bug's mechanism, affected versions, patch details, and detection strategies for defenders.

ZeroPath Security Research

ZeroPath Security Research

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization
CVE Analysis | ZeroPath Security Blog - Vulnerability Research & Exploits | Page 58 | ZeroPath