A newly disclosed vulnerability in the widely used Ruby URI library — tracked as CVE-2025-61594 — reopens a previously patched avenue for credential leakage by bypassing the fix for CVE-2025-27221 and allowing sensitive userinfo (username/password) to leak when URIs are combined using the +...
