ALL POSTS
Critical 9.8 Severity Flaw in Harvester Allows Hackers to Hijack New Servers: The Open Door
Key Findings: A critical vulnerability (CVSS score 9.8) has been discovered in the Harvester Hyperconverged Infrastructure (HCI) platform. The flaw allows remote attackers to gain unauthorized access to new servers during the installation process using default credentials. Successful exploitation could enable attackers to completely compromise the affected servers and leverage them for further malicious activities. Background: Harvester is an open-source HCI solution built on t
Jan 6 · 1 min read
Critical pgAdmin RCE (CVE-2025-13780) Flaw Bypasses Fix, Allowing Server Takeover Via Malicious Database Restore
Key Findings: A critical security vulnerability, CVE-2025-13780, has been discovered in pgAdmin, the popular open-source management tool for PostgreSQL. The flaw allows attackers to achieve Remote Code Execution (RCE) by exploiting a subtle oversight in how the software processes file encoding. The vulnerability affects pgAdmin versions up to 9.10 when running in server mode. It creates a scenario where a routine database restore operation can be weaponized to execute arbitrar
Dec 14, 2025 · 2 min read

