Blog

In our blog, we report on pentesting, red teaming, and the latest news from MindBytes.

We assign our articles to categories. This gives you a quick overview of all articles in a category when needed:

Pentesting & Red Teaming | CVEs | MindBytes – Update! | Vulnerabilities & where to find them

SMTP Injection in enaio® component AppConnector (CVE-2025-56425)

Affected Product: enaio® component AppConnector – Version 10.10.0.183 and earlier of enaio® 10.10, Version 11.0.0.183 and earlier of enaio® 11.0, Version 11.10.0.183 and earlier of enaio® 11.10 CVSS Score (v3.1): 7.7 (High) Assigned CVE: CVE-2025-56425 Recommendation:...

XML External Entity (XXE) Injection in e-invoice pro (CVE-2025-56424)

CVEs

Affected Product: e-invoice pro by Insiders Technologies GmbH - Versions prior to Release 1 Service Pack 2 CVSS Rating (v3.1): 7.6 (High) Assigned CVE: CVE-2025-56424 Recommendation: Update to Release 1 Service Pack 2 or higher Credit: Simon Holl and Lucas Noki of...

Christmas Greetings

MindBytes - Update!

We already shared our annual review with you on LinkedIn at the beginning of December. And yet, there's already something new:Almost secretly and quietly, our website has received a little refresh – so feel free to stop by again. Otherwise, all that's left for us is...