Vulnerability Alert: CVE-2025-29927: Next.js Middleware Authorization Bypass
The Next.js team disclosed – CVE-2025-29927 vulnerability – that allows attackers to bypass authorization checks implemented in Next.js Middleware by manipulating the x-middleware-subrequest header.
Vulnerability Alert: Remote Code Execution vulnerability CVE-2025-24813
Remote Code Execution CVE-2025-24813 vulnerability - See how Kodem runtime SCA and ADR can identify and block these attacks without specific CVE signatures
.png)
ISO 42001: What it Means for AI Security and Application Security Teams
As organizations increasingly adopt AI, the demand for standardized frameworks to manage AI risks has grown - enter ISO 42001.
.png)
February 2025 Edition of Kodem Kernels
Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities more precision.
.png)
Breaking the Developer Security Mold: A Call for Automated & Distributed Defenses
See why organizations must adopt automated defenses, infrastructure protections, external validation, and a stronger security culture to combat modern cyber threats.
.png)
Press Release: Security Rivals Unite to Launch “Opengrep” Following Semgrep Clampdown
The evolving landscape of open-source security highlights the importance of preserving access, innovation, and trust for the developer community.
.png)
Unveiling the State of Application Security Workflows 2025
This report offers actionable insights to future-proof application security programs and workflows, based on input from industry leaders, practitioners, developers, and DevOps professionals.
January 2025 Edition of Kodem Kernels - Product Advancements and Innovations
Kodem introduces transformative updates for security teams: runtime-informed prioritization, actionable remediation guidance with detailed fixes, and runtime-driven function-level analysis across multiple languages.
.png)
Vulnerability Alert: CVE-2024-53677:
CVE-2024-53677 is a critical file upload vulnerability affecting Apache Struts2 versions 2.0.0 through 6.3.0. At its core, the vulnerability stems from flaws in the deprecated “File Upload Interceptor” component. CVE-2024-53677 is a critical file upload vulnerability affecting Apache Struts2 versions 2.0.0 through 6.3.0. At its core, the vulnerability stems from flaws in the deprecated “File Upload Interceptor” component.
.png)
A Comparative Study of Reachability Analysis in Application Security
Explore our comparative study on reachability analysis in AppSec, highlighting modern solutions that integrate static and runtime data for precise vulnerability management and prioritization.
.png)
