Episode

Lessons from MongoBleed, CWE Top 25, and Secure Coding Benchmarks - ASW #366

Podcast
Application Security Weekly (Audio)
Published
Jan 20, 2026
Duration seconds
2645
Canonical source
https://aswaudio.libsyn.com/lessons-from-mongobleed-cwe-top-25-and-secure-coding-benchmarks-asw-366
Audio
https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_366_1--93d99b9b-4864-46dc-8a86-7c437511631e--audio-converted--c81a3a3c-4e25-43d5-aa11-47b224091289.mp3?dest-id=626765


Summary

MongoBleed and a recent OWASP CRS bypass show how parsing problems remain a source of security flaws regardless of programming language. We talk with Kalyani Pawar about how these problems rank against the Top 25 CWEs for 2025 and what it means for relying on LLMs to generate code. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-366