Business Insider

How Null Byte Injections Work: A History of Our Namesake

In this Null Byte, I'm going to teach you about Null Byte Injections. Null Bytes are an older exploit. It works by injecting a "Null Character" into a URL to alter string termination and get ...
GitHub

500 Internal Server Error for URL Containing Null Byte (%00)

However the upstream handling code in ServeHTTP() would throw a 404 unless we modify handling of fs.ErrInvalid to throw a 400 instead. I believe mapping ErrInvalid to 400 is better in line with other ...
The Hacker News

Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild

A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 ...
GitHub

Security Constraint Bypass via Null Byte Injection in FalkorDB v4.14.8

FalkorDB contains a vulnerability in its Cypher query parser where the null byte (\x00) is incorrectly interpreted as a string terminator. This behavior allows an attacker to truncate the query string ...
Dark Reading

SonicWALL Adds Protection From SSL Certificate Null Byte Poisoning Exploit

SUNNYVALE, Calif., Aug. 3 /PRNewswire-FirstCall/ --SonicWALL, Inc. (Nasdaq: SNWL), a leading secure network infrastructure company, has deployed protection against ...