December “In the Trend of VM” (#22): vulnerabilities in Windows, the expr-eval library, Control Web Panel, and Django. A traditional monthly roundup of trending vulnerabilities – this time, a fairly compact one. 💽
🗞 Post on Habr (rus)
🗞 Post on SecurityLab (rus)
🗒 Digest on the PT website (rus)
Four vulnerabilities in total:
🔻 EoP – Windows Kernel (CVE-2025-62215)
🔻 RCE – expr-eval (CVE-2025-12735)
🔻 RCE – Control Web Panel (CVE-2025-48703)
🔻 SQLi – Django (CVE-2025-64459)
🟥 Trending Vulnerabilities Portal
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.