Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

/in

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions.
The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below –

CVE-2025-27610 (CVSS score: 7.5) – A path traversal

The Hacker News – ​Read More

All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection...RSA Conference 2025 – Pre-Event Announcements Summary (Part 2)