In July 2024, I wrote, together with Chhaya Bharwaj, that the execution of the first climate mitigation judgment of the European Court of Human Rights, Verein KlimaSeniorinnen v. Switzerland, was a space to watch. This was because the Court found, for the first time, that the lack of an adequate legislative framework to mitigate the … Read more
Mar 06, 2025Ravie LakshmananData Security / Software Security Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has … Read more
Jan 04, 2025Ravie LakshmananVulnerability / Software Security A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It … Read more
Investment advisers are fiduciaries that owe a duty of care and loyalty to their clients. One component of this duty of care is an obligation to seek best execution of client securities transactions. While this requirement might sound relatively straightforward, the lack of a single definition for what this duty actually requires can make it … Read more
Grafana, an open-source data analytics and visualization platform, was found to have a critical vulnerability that could lead to remote code execution. The flaw, tracked as CVE-2024-9264, which has a CVSS v4 score of 9.4, was introduced in Grafana version 11 released in May 2024, Grafana Labs disclosed Thursday. The vulnerability stems from an experimental … Read more
