@evansims.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Evan Sims

evansims.com

did:plc:dvwv5cgcs54bxwsc2bx6mglm

Cross-tenant data exposure from misconfigured APIs increased 17% in SaaS environments this year. PostgreSQL CVE-2024-10976 showed RLS policies silently failing below subqueries. CVE-2025-8713 revealed optimizer statistics leaking data from rows RLS was supposed to hide.

2026-04-08T19:04:05.826Z