Tag

Secret-Key-Exposure

1 brief RSS

Pyroscope Secret Key Exposure via Tencent COS Configuration (CVE-2025-41118)

CVE-2025-41118 allows an attacker with direct access to the Pyroscope API, when configured with Tencent COS, to extract the secret_key configuration value, potentially leading to unauthorized access to the cloud storage backend.

pyroscope tencent-cos secret-key-exposure cve-2025-41118 cloud

2r 2t 1c 2w ago