
Overview

  • authlib
  • joserfc

03 Mar 2026
Published
04 Mar 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.03%

KEV

Description

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service (DoS) via CPU exhaustion. When the library decrypts a JSON Web Encryption (JWE) token using Password-Based Encryption (PBES2) algorithms, it reads the p2c (PBES2 Count) parameter directly from the token's protected header. This parameter defines the number of iterations for the PBKDF2 key derivation function. Because joserfc does not validate or bound this value, an attacker can specify an extremely large iteration count (e.g., 2^31 - 1), forcing the server to expend massive CPU resources processing a single token. This vulnerability exists at the JWA layer and impacts all high-level JWE and JWT decryption interfaces if PBES2 algorithms are allowed by the application's policy.

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

📌 CVE-2026-27932 - joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. In 1.6.2 and earlier, a re... https://www.cyberhub.blog/cves/CVE-2026-27932

Overview

  • aces
  • Loris

25 Feb 2026
Published
25 Feb 2026
Updated

CVSS v3.0
HIGH (8.7)
EPSS
0.13%

KEV

Description

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with sufficient privileges can exploit a path traversal vulnerability to upload a malicious file to an arbitrary location on the server. Once uploaded, the file can be used to achieve remote code execution (RCE). An attacker must be authenticated and have the appropriate permissions to exploit this issue. If the server is configured as read-only, remote code execution (RCE) is not possible; however, the malicious file upload may still be achievable. This problem is fixed in LORIS v26.0.5 and above, v27.0.2 and above, and v28.0.0 and above. As a workaround, LORIS administrators can disable the media module if it is not being used.

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

📌 CVE-2026-26984 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r... https://www.cyberhub.blog/cves/CVE-2026-26984

Overview

  • Microsoft
  • Windows 11 version 21H2

11 Jun 2024
Published
17 Dec 2025
Updated

CVSS v3.1
HIGH (7.8)
EPSS
52.31%

KEV

Description

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

CVE-2024-30085 Exposed: Two Full Exploit Chains for Windows Kernel Privilege Escalation + Video Introduction: A new, in-depth technical analysis of CVE-2024-30085 has been released, revealing not one, but two distinct and stable exploit strategies to achieve SYSTEM privileges on vulnerable Windows…

Overview

  • sysadminsmedia
  • homebox

03 Mar 2026
Published
04 Mar 2026
Updated

CVSS v3.1
HIGH (7.4)
EPSS
0.05%

KEV

Description

HomeBox is a home inventory and organization system. Prior to 0.24.0, the authentication rate limiter (authRateLimiter) tracks failed attempts per client IP. It determines the client IP by reading, in order: (1) the X-Real-IP header, (2) the first entry of the X-Forwarded-For header, and (3) r.RemoteAddr (the TCP connection address). These headers were read unconditionally. An attacker connecting directly to HomeBox could forge any value in X-Real-IP, effectively getting a fresh rate-limit identity per request. There is a TrustProxy option in the configuration (Options.TrustProxy, default false), but this option was never read by any middleware or rate limiter code. Additionally, chi's middleware.RealIP was applied unconditionally in main.go, overwriting r.RemoteAddr with the forged header value before it reaches any handler. This vulnerability is fixed in 0.24.0.

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

📌 CVE-2026-27981 - HomeBox is a home inventory and organization system. Prior to 0.24.0, the authentication rate limiter (authRateLimiter) tracks failed attempts per cli... https://www.cyberhub.blog/cves/CVE-2026-27981

Overview

  • Pending

03 Mar 2026
Published
03 Mar 2026
Updated

CVSS
Pending
EPSS
0.07%

KEV

Description

An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform administrative actions using service accounts.

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

📌 CVE-2024-55024 - An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attacke... https://www.cyberhub.blog/cves/CVE-2024-55024

Overview

  • statamic
  • cms

27 Feb 2026
Published
02 Mar 2026
Updated

CVSS v3.1
HIGH (8.7)
EPSS
0.02%

KEV

Description

Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, a stored XSS vulnerability in SVG- and icon-related components allows authenticated users with appropriate permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This has been fixed in 5.73.11 and 6.4.0.

Statistics

  • 1 Post

Last activity: 5 hours ago

Bluesky

📌 CVE-2026-28426 - Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon ... https://www.cyberhub.blog/cves/CVE-2026-28426

Overview

  • angular
  • angular

26 Feb 2026
Published
26 Feb 2026
Updated

CVSS v4.0
HIGH (7.6)
EPSS
0.04%

KEV

Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Versions prior to 21.2.0, 21.1.16, 20.3.17, and 19.2.19 have a cross-site scripting vulnerability in the Angular internationalization (i18n) pipeline. In ICU messages (International Components for Unicode), HTML from translated content was not properly sanitized and could execute arbitrary JavaScript. Angular i18n typically involves three steps: extracting all messages from an application in the source language, sending the messages to be translated, and then merging their translations back into the final source code. Translations are frequently handled by contracts with specific partner companies, and involve sending the source messages to a separate contractor before receiving final translations for display to the end user. If the returned translations have malicious content, it could be rendered into the application and execute arbitrary JavaScript. When successfully exploited, this vulnerability allows for execution of attacker-controlled JavaScript in the application origin. Depending on the nature of the application being exploited, this could lead to credential exfiltration and/or page vandalism. Several preconditions apply to the attack. The attacker must compromise the translation file (xliff, xtb, etc.). Unlike most XSS vulnerabilities, this issue is not exploitable by arbitrary users. An attacker must first compromise an application's translation file before they can escalate privileges into the Angular application client. The victim application must use Angular i18n, use one or more ICU messages, render an ICU message, and not defend against XSS via a safe content security policy. Versions 21.2.0, 21.1.6, 20.3.17, and 19.2.19 patch the issue.
Until the patch is applied, developers should consider reviewing and verifying translated content received from untrusted third parties before incorporating it in an Angular application, enabling strict CSP controls to block unauthorized JavaScript from executing on the page, and enabling Trusted Types to enforce proper HTML sanitization.

Statistics

  • 1 Post

Last activity: 19 hours ago

Bluesky

A dangerous vulnerability in Angular's i18n feature that makes XSS possible (CVE-2026-27970) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

Overview

  • MongoDB Inc
  • MongoDB Server

10 Feb 2026
Published
11 Feb 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.05%

KEV

Description

A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.

Statistics

  • 1 Post

Last activity: 19 hours ago

Bluesky

The latest update for #CatoNetworks includes "Cato CTRL Threat Research: New #MongoDB Vulnerability Allows Instant Remote Server Takedown (CVE-2026-25611)" and "From Alerts to Action: Dynamic Prevention". #Cybersecurity #SASE https://opsmtrs.com/3M0ijCj

Overview

  • go-vikunja
  • vikunja

25 Feb 2026
Published
26 Feb 2026
Updated

CVSS v3.1
HIGH (7.2)
EPSS
0.06%

KEV

Description

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the restoreConfig function in vikunja/pkg/modules/dump/restore.go of the go-vikunja/vikunja repository fails to sanitize file paths within the provided ZIP archive. A maliciously crafted ZIP can bypass the intended extraction directory to overwrite arbitrary files on the host system. Additionally, we’ve discovered that a malformed archive triggers a runtime panic, crashing the process immediately after the database has been wiped permanently. The application trusts the metadata in the ZIP archive. It uses the Name attribute of the zip.File struct directly in os.OpenFile calls without validation, allowing files to be written outside the intended directory. The restoration logic assumes a specific directory structure within the ZIP. When provided with a "minimalist" malicious ZIP, the application fails to validate the length of slices derived from the archive contents. Specifically, at line 154, the code attempts to access an index of len(ms)-2 on an insufficiently populated slice, triggering a panic. Version 2.0.0 fixes the issue.

Statistics

  • 1 Post

Last activity: 2 hours ago

Bluesky

📌 CVE-2026-27819 - Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the restoreConfig function in vikunja/pkg/modules/dump/restore... https://www.cyberhub.blog/cves/CVE-2026-27819

Overview

  • gVectors Team
  • wpForo Forum

28 Feb 2026
Published
05 Mar 2026
Updated

CVSS v4.0
HIGH (8.8)
EPSS
0.01%

KEV

Description

wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payloads to perform blind boolean extraction of credentials from the WordPress database.

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

📌 CVE-2026-28562 - wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql(... https://www.cyberhub.blog/cves/CVE-2026-28562
Showing 31 to 40 of 84 CVEs