1. Appsmith OpenAPI Documentation Exposed to Unauthenticated Users Before Security Patch
Appsmith shipped a security fix addressing an information disclosure vulnerability that allowed any unauthenticated network user to access complete OpenAPI documentation for the platform. The flaw, tracked as GHSA-v6jh-fx3m-7xhw, earned a CVSS score of 5.3 (medium) and maps to CWE-200 (Exposure of Sensitive Information...