Product Updates
Jan 10, 2025
December 2024 Content & Platform Update
Welcome to the OffSec December 2024 content update! Find the full scoop inside.
OffSec Team
1 min read
As we close out another year, we want to take a moment to reflect on the strides we’ve made and the progress we’ve achieved together. December is the perfect time to pause, celebrate our successes, and look forward to the exciting opportunities that await us in the coming year. To wrap up 2025, we’re thrilled to share a special message from our CEO, offering insights into the growth and accomplishments we’ve seen this year, as well as a glimpse into the future of our company and the industry.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec
Research & Tutorials
CVE-2024-46986 – Arbitrary File Write in Camaleon CMS Leading to RCE
A vulnerability was discovered in Camaleon CMS authenticating attackers to write files on the file system which enabled them to execut remote code under certain conditions.
May 22, 2025
3 min read
Research & Tutorials
CVE-2024-2928: MLflow Local File Inclusion via URI Fragment Manipulation
Read about an LFI vulnerability disclosed in MLflow which allowed unauthenticated remote attackers to read arbitrary files by exploiting URI fragments containing directory traversal sequences.
May 15, 2025
3 min read
Research & Tutorials
CVE-2025-23211: Tandoor Recipes Jinja2 SSTI to Remote Code Execution
A critical SSTI vulnerability was discovered in the open-source meal planning application Tandoor Recipes leading to a full system compromise.
May 8, 2025
2 min read