Last Week in AppSec for 22. July 2025

**Executive summary:** This Checkmarx roundup details three notable vulnerabilities: PerfektBlue (a chain of BlueSDK CVEs enabling 1‑click RCE affecting mobile devices and automotive infotainment), a critical NVIDIA Container Toolkit container‑escape (CVE-2025-23266) that can lead to privileged code execution during container creation, and an anonymous Grafana XSS (CVE-2025-6023); vendors have released fixes and mitigation guidance.