A severe security vulnerability has been discovered in the widely-used Insomnia API Client that allows attackers to execute arbitrary code through malicious template injection. The vulnerability, tracked as CVE-2025-1087 and assigned a critical CVSS score of 9.3, affects the popular API testing tool developed by Kong and remains exploitable in the latest version 11.2.0 despite […]
The post Insomnia API Client Vulnerability Arbitrary Code Execution via Template Injection appeared first on Cyber Security News.
This article has been indexed from Cyber Security News