Series

Look Backs

Retrospective writeups on CVEs from 6 to 12 months ago. Each entry revisits a vulnerability with hindsight — what we now know about the bug, the vendor response, and what teams should take away.

2 entries to date

  1. #2 CVE-2025-41672 A critical vulnerability has been identified in multiple JSON Web Token (JWT) authentication systems that allows a remote, unauthenticated attacker to gain complete administrative access. This issue s 2026-05-22
  2. #1 CVE-2025-24990 A high-severity vulnerability has been identified in a third-party modem driver that is included with Microsoft Windows operating systems. This flaw is being actively exploited by attackers and could 2026-05-21