XXE
appsec.fyi
Rapid7 Analysis: CVE-2022-28219
2026-06-17
Pre-auth XXE → HTTP SSRF on ArubaOS 8.13.2 closed as "theoretical / no valid PoC" despite TCP pcap, sshd localhost log, and internal port scan — documenting for community review
2026-06-11
CISA flags data-theft bug in NSA-built OT networking tool
2026-05-06
CISA flags data-theft bug in NSA-built OT networking tool
2026-04-30
GeoServer 2025 XXE Vulnerability (CVE-2025-58360) Explained
2026-04-22
More XXE →