Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > information disclosure
#information disclosure

CVE-2025-14177: Malicious JPEG Files Expose PHP Heap Memory — Critical Flaws in getimagesize() and iptcembed() Patched

18 May 2026  |  dark6  |  Vulnerability

Two critical memory-safety vulnerabilities in PHP image-processing functions allow attackers to leak sensitive heap memory (CVE-2025-14177) or trigger heap buffer overflows via malicious JPEG files. All PHP 8.1...

>> read more

Microsoft Patches Three Critical Information Disclosure Vulnerabilities in Microsoft 365 Copilot and Edge

11 May 2026  |  dark6  |  Vulnerability

Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities — CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111 — affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. All...

>> read more