Warisjeet Singh

**Name of the Vulnerable Software and Affected Versions** Exim versions 4.88 through 4.99.3 **Description** In certain proxy configurations, the PROXY-protocol parser mishandles short payloads, resulting in a pre-authentication information disclosure. This issue allows the leakage of uninitialized stack memory values, specifically live userspace virtual address (VA) pointers, to a client. This can be used as a primitive to defeat Address Space Layout Randomization (ASLR), which is a security technique used to prevent exploitation by randomizing the memory addresses used by a process. **Recommendations** Update to version 4.99.4.

**Name of the Vulnerable Software and Affected Versions** Gemini iOS (affected versions not specified) **Description** A flaw exists in Gemini iOS where sharing a conversation snippet inadvertently shares the entire conversation history through a publicly accessible link. This occurs because the sharing mechanism does not limit the content to the selected snippet, exposing the complete conversation to anyone with the link. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.