Hossted
            
            @Hossted_OSS
              Enterprise Grade Maturity for Community Edition Open-Source Software
              
              United States
            
            
              
              Joined March 2024
            
            
           ⚡ Keep systems protected — patch promptly, monitor continuously, and enforce secure configurations. 🔗 Learn more about these and other recent CVEs on our website:  https://t.co/991aOEwpBR 
            #SecurityUpdate #Vulnerability #RCE #DoS #NetworkSecurity #Hossted
          
          
            
            hossted.com
            
                
              
             5️⃣ OpenVPN — Remote Shell Injection via DNS Variables (CVE-2025-10680) Authenticated servers can inject shell commands on clients via crafted DNS variables. ➡️ Upgrade: 2.7_beta2+ or avoid 2.7_alpha1–2.7_beta1 
          
                
              
             4️⃣ Vault — DoS via Rate Limit Regression (CVE-2025-12044) Malformed JSON payloads bypass rate limits, triggering denial of service. ➡️ Upgrade: 1.21.0 (Community) / 1.16.27+, 1.18.16+, 1.19.11+, 1.20.5+ (Enterprise) 
          
                
              
             3️⃣ Sonatype Nexus — SSRF in Remote Browser Plugin (CVE-2025-9868) Crafted HTTP requests can expose proxy credentials — no authentication required. ➡️ Upgrade: Nexus Repository 3.x 
          
                
              
             2️⃣ Strapi — Unauthorized Access via Lookup Parameter (CVE-2024-56143) Improper sanitization lets attackers read private fields — passwords, reset tokens, and more. ➡️ Upgrade: 5.5.2+ 
          
                
              
             1️⃣ Apache Spark — Insecure RPC Encryption (CVE-2025-55039) Encryption without authentication (AES/CTR/NoPadding) can be altered via man-in-the-middle attacks. ➡️ Upgrade: 3.4.4 / 3.5.2 / 4.0.0+ 
          
                
              
             🚨 Top 5 Open Source Vulnerabilities of the Last Two Weeks: October 20–November 2, 2025 This roundup covers #ApacheSpark, #Strapi, #SonatypeNexus, #Vault, and #OpenVPN — five critical updates you shouldn’t ignore 👇 #OpenSource #CyberSecurity #DevSecOps
          
          
                
              
             🔒Control your secrets, protect your passwords with #Hossted ▫️ #HashiCorpVault – Encrypted secrets ▫️ #Vaultwarden – Secure passwords ▫️ #OpenVAS – Scan vulnerabilities ▫️ #IntelOwl – Threat intelligence ▫️ #Wazuh – Monitor & comply 🔗 More about apps — link in comments 
          
                
              
             💡 #CostEfficiency that Makes Sense Managing multiple #OpenSource apps shouldn’t break your budget. #Hossted delivers enterprise-level #support with transparent and affordable pricing — where efficiency meets quality. Hossted – Beyond Support Learn more in the comments. 
          
                
              
             ✨ Calm in Every Environment. Hossted – Beyond Support. Learn more about #Hossted:  https://t.co/pqhgO1HwQA 
            #OpenSource #DevOps #CyberSecurity #CloudComputing #Halloween
          
          
            
            hossted.com
              Hossted offers 24/7 enterprise support for open-source apps, providing instant deployment, secure cloud solutions, and expert assistance.
            
                
              
             🎃 Even when the night feels a bit mysterious, your systems should remain steady. At #Hossted, we keep your #OpenSource environments stable, secure, and fully supported — no matter what’s happening outside the window. #DevOps #SRE #SupportGaza ⬇️ 
          
                
              
             🔗 Read the full article on the NVIDIA Blog here: 
          
            
            blogs.nvidia.com
              At the ROSCon robotics conference, NVIDIA announced contributions to the ROS 2 robotics framework and the Open Source Robotics Alliance’s new Physical AI Special Interest Group, as well as the latest...
            
                
              
             Full-Stack Expertise with #Hossted From front-end to #DevOps, Hossted supports the full #OpenSource stack — #React, #NextJS, #Django, #Jenkins, #PostgreSQL, #Kafka & more. We ensure monitoring, security & 24/7 support, so teams can focus on building. Learn more in the comments. 
          
                
              
             ⚡ Keep your systems up to date, monitor configurations, and protect your open-source environments. #OpenSource #CyberSecurity #DevSecOps #Vulnerability #SecurityUpdate #CrossSiteScripting #DataProtection #Elasticsearch #Redis #ArgoCD #Kibana #Rancher #DevOps #Hossted
          
          
                
              
             5️⃣ Elasticsearch — Sensitive Information Exposure in Reindex API Logs Reindex API requests may leak confidential details into log files under certain conditions. ➡️ Upgrade: 8.18.8 / 8.19.5 / 9.0.8 / 9.1.5 (Reference: CVE-2025-37727) 
          
                