About 5,710,000 results
Open links in new tab
  1. telconet.net
    https://csirt.telconet.net › comunicacion › noticias-seguridad › ...

    Vulnerabilidad en Bitwarden permite ejecutar JavaScript malicioso …

    May 28, 2025 · Se ha identificado una vulnerabilidad de tipo Cross-Site Scripting (XSS), catalogada como CVE-2025-5138, que afecta a versiones de Bitwarden hasta la 2.25.1. Esta falla permite a un …

  2. segu-info.com.ar
    https://blog.segu-info.com.ar › vulnerabilidad-en-el-controlador-de.html

    Vulnerabilidad en el controlador de archivos PDF de Bitwarden permite ...

    May 28, 2025 · La falla de seguridad, designada como CVE-2025-5138, reside en el componente PDF File Handler y permite a los atacantes cargar archivos PDF maliciosos que pueden ejecutar código …

  3. cybersecuritynews.com
    https://cybersecuritynews.com › bitwarden-pdf-file-handler-vulnerability

    Bitwarden PDF File Handler Vulnerability Let Attackers Upload …

    May 26, 2025 · The security flaw, designated as CVE-2025-5138, resides in the PDF File Handler component and allows attackers to upload malicious PDF files that can execute arbitrary code when …

  4. nist.gov
    https://nvd.nist.gov › vuln › detail

    NVD - CVE-2025-5138

    Jun 20, 2025 · Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The …

  5. incibe.es
    https://www.incibe.es › incibe-cert › alerta-temprana › vulnerabilidades

    CVE-2025-5138 | INCIBE-CERT | INCIBE

    May 25, 2025 · La manipulación provoca cross-site scripting. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con antelación sobre …

  6. gbhackers.com
    https://gbhackers.com › bitwarden-flaw

    Bitwarden Flaw Allows Upload of Malicious PDFs, Posing Security ...

    May 26, 2025 · The flaw, designated CVE-2025-5138, allows attackers to execute cross-site scripting (XSS) attacks through malicious PDF files uploaded to the platform’s file handling system.

  7. windowsforum.com
    https://windowsforum.com › threads

    Bitwarden PDF XSS Vulnerability (CVE-2025-5138): Risks & Mitigation ...

    May 26, 2025 · A recently disclosed flaw, tracked as CVE-2025-5138, has spotlighted a critical weakness in Bitwarden’s file handling system—specifically, allowing attackers to exploit PDF uploads …

  8. hispasec.com
    https://unaaldia.hispasec.com › bitwarden-expone-a-sus-usuarios-a-javascript...

    Bitwarden expone a sus usuarios a JavaScript malicioso incrustado en ...

    May 28, 2025 · El error, catalogado como CVE-2025-5138, reside en el PDF File Handler empleado por la función Resources de Bitwarden. El backend acepta cualquier tipo de archivo y, cuando el PDF se …

  9. securityvulnerability.io
    https://securityvulnerability.io › vulnerability

    CVE-2025-5138 : Cross Site Scripting Vulnerability in Bitwarden PDF ...

    May 25, 2025 · CVE-2025-5138 is a security vulnerability identified in Bitwarden, a popular open-source password management solution designed to securely store and manage sensitive information such …

  10. tenable.com
    https://www.tenable.com › cve

    CVE-2025-5138 | Tenable®

    May 25, 2025 · Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The …

Content was generated with AI. Learn more