Category - API Security Blog

Weblate: exposure of personal IP address via email.

The exposure of personal IP addresses through email messages has been identified as a potential security issue. Email messages can pass through multiple servers, which may store or record the content, ...

August 12, 2025

curl: Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure

Vulnerability description not...Read More ...

August 12, 2025

curl: Security check up

Vulnerability description not...Read More ...

August 12, 2025

curl: Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c

Vulnerability description not...Read More ...

August 12, 2025

curl: Failure to strip Proxy-Authorization header on change in origin

Vulnerability description not...Read More ...

August 12, 2025

MainWP: Reflected XSS in “Cost Tracker” Notes Field

The reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP (Version 5.4.0.11). Arbitrary user input in thi ...

August 12, 2025

curl: Vulnerability Report: Public Exposure of Security Audit File

Vulnerability description not...Read More ...

August 12, 2025

curl: OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames

Vulnerability description not...Read More ...

August 12, 2025