1. Body-Parser Library Patches Critical Null Byte Injection Allowing Authentication Bypass
A null byte injection vulnerability in the widely deployed body-parser npm package has been patched after exposing protected endpoints to unauthenticated network attackers. CVE-2024-CRITICAL-002 carries a CVSS score of 9.1, reflecting the critical severity of an attack vector that requires no privileges and involves lo...