Security Research & Discoveries

Latest security vulnerabilities, research findings, and insights from our security research team.

Security Research Nov 6, 2025

CVE-2025-62712: Unauthorized Access to Connection Tokens in JumpServer PAM

Critical security vulnerability discovered in JumpServer allowing unauthorized access to connection tokens via API endpoint. Learn about the technical details, exploitation methods, and root cause analysis.

Sergey Gerasimov • 12 min read

CVE-2025-62712JumpServerPAMAccess Control

Security Research Nov 6, 2025

CVE-2025-62795: Unauthorized LDAP Configuration Access via WebSocket in JumpServer PAM

High-severity vulnerability in JumpServer allowing low-privilege users to extract LDAP credentials via WebSocket endpoint. Detailed analysis of the exploitation method and root cause.

Sergey Gerasimov • 8 min read

CVE-2025-62795JumpServerLDAPWebSocket