@lirantal.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Liran Tal

lirantal.com

did:plc:hnlvjno2m7l2kqllgum26bv2

Y'all have been told "ignore prototype pollution" eh? So CVE-2025-25014 (CVSS 9.1) is a Prototype Pollution vulnerability in Kibana that results in code execution. btw, for the second time this hits Kibana in the face.

2025-06-23T15:00:53.544Z