Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that allows attackers to
![]()
source https://thehackernews.com/2025/09/hackers-exploit-pandoc-cve-2025-51591.html
source https://thehackernews.com/2025/09/hackers-exploit-pandoc-cve-2025-51591.html