Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

May 2, 2025

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

The Ladybird browser engine, a relatively new entrant originating from the SerenityOS project, has been found to contain a critical security vulnerability. Security researcher Jess has identified a us …

Published Date:
May 02, 2025 (4 hours, 5 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-47154

CVE-2025-46619

CVE-2025-21756

Source: Read More

Previous ArticleCISA Adds Two Vulnerabilities to KEV Catalog

Next Article CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows

Highlights

CVE-2025-7319 – IrfanView CADImage Plugin DWG File Parsing Out-Of-

July 21, 2025

CVE ID : CVE-2025-7319

Published : July 21, 2025, 8:15 p.m. | 4 hours, 25 minutes ago

Description : IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26413.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-34089 – Aexol Studio Remote for Mac Remote Code Execution Vulnerability

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Perplexity joins high-powered, high-priced AI race – here’s everything ‘Max’ includes

The Rise of AI Analytics and What It Means for Industries

CVE-2025-7319 – IrfanView CADImage Plugin DWG File Parsing Out-Of-

CVE-2025-3801 – Songquanpeng One-Api Cross Site Scripting Vulnerability

CVE-2025-47532 – CoinPayments.net Payment Gateway for WooCommerce Object Injection Vulnerability

How to install SteamOS on ROG Ally and Legion Go Windows gaming handhelds

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

Related Posts