Articles
Newsflash
8 Jul 2025 Data Management and Analytics
PyTorch: Denial of Service Vulnerability

In PyTorch version 2.6.0+cu124 a medium severity vulnerability CVE-2025-4287 was detected. This vulnerability affects the torch.cuda.nccl.reduce function in the torch/cuda/nccl.py file and may lead to denial of service. The issue can be exploited locally, and details of the exploit have been publicly disclosed. To address this issue, users must apply the patch. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-4287.

Read more
Machine Learning
8 Jul 2025 Data Management and Analytics
PyTorch: Remote Command Execution

In PyTorch version 2.5.1 and prior a critical severity vulnerability CVE-2025-32434 was detected. This vulnerability allows remote command execution (RCE) when loading a model. To address this issue users must upgrade to version 2.6.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-32434.

Read more
Machine Learning
8 Jul 2025 Data Management and Analytics
MongoDB: Denial of Service Vulnerability

In MongoDB Server version 8.1.0 a high severity vulnerability CVE-2025-7259 was detected. This vulnerability allows authorized users to issue queries with duplicate id fields, leading to unexpected behavior and potentially causing the server to crash. This may result in a denial of service. To address this issue users must upgrade to a patched version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-7259.

Read more
Database
8 Jul 2025 Data Management and Analytics
MongoDB: mongos Component May Hang Under Load Balancer Configuration

In MongoDB Server versions prior to 6.0.23, 7.0.20, and 8.0.9 a medium severity vulnerability CVE-2025-6714 was detected. This vulnerability allows attackers to send malformed data that can make the MongoDB server stop responding to new connections. This vulnerability remains unresolved at this time. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6714.

Read more
Database
8 Jul 2025 Data Management and Analytics
MongoDB: Unauthorized Data Access via Aggregation Pipeline

In MongoDB Server versions prior to 8.0.7 (8.0 series), 7.0.20 (7.0 series), and 6.0.22 (6.0 series) a medium severity vulnerability CVE-2025-6713 was detected. This vulnerability allows unauthorized users to access data by exploiting improper handling of the $mergeCursors stage in aggregation pipelines. The flaw can lead to exposure of data without proper authorization. This vulnerability remains unresolved at this time. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6713.

Read more
Database
7 Jul 2025 DevOps
Next.js: Denial of Service Risk

In Next.js versions from 15.0.4-canary.51 to before 15.1.8 a medium severity vulnerability CVE-2025-49826 was detected. This vulnerability could lead to a Denial of Service condition due to a cache poisoning issue, where a 204 HTTP response may be incorrectly cached and served to all users accessing certain static pages. To fix this issue, users should upgrade to Next.js version 15.1.8. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-49826.

Read more
Application Development
Case Studies