Overview
- 0xJacky
- nginx-ui
Statistics
- 1 Post
Fediverse
VulnCheck added CVE-2026-33032 (MCPwn) to its actively-exploited list on April 13. nginx-ui authenticates /mcp but /mcp_message has no auth middleware. Pluto Security found two HTTP requests to full Nginx takeover. 2,600 reachable instances, fix shipped a month earlier in v2.3.4. Every integration protocol I have shipped across 14 compliant platforms had this failure mode. Uniform auth on audited endpoints, absent on the one added in a hurry.
Overview
- MinecAnton209
- NovumOS
Statistics
- 1 Post
Fediverse
🚩 CRITICAL: CVE-2026-40572 impacts MinecAnton209 NovumOS < 0.24. Syscall 15 flaw allows local privilege escalation by mapping over kernel memory — patch to v0.24+ ASAP! https://radar.offseq.com/threat/cve-2026-40572-cwe-269-improper-privilege-manageme-6ff979fd #OffSeq #CVE202640572 #NovumOS #Infosec
Overview
- Fortinet
- FortiSandbox
Statistics
- 1 Post
Bluesky
Overview
- gramps-project
- gramps-web-api
Statistics
- 1 Post
Fediverse
🚨 CVE-2026-40258: CRITICAL path traversal in gramps-web-api (1.6.0-3.11.0). Owner-level users can write files outside intended dirs via crafted ZIPs. Upgrade to 3.11.1+ to mitigate! https://radar.offseq.com/threat/cve-2026-40258-cwe-22-improper-limitation-of-a-pat-00f841f8 #OffSeq #CVE202640258 #PathTraversal #Infosec
Overview
- ChilliCream
- graphql-platform
Statistics
- 1 Post
Fediverse
🚨 CRITICAL: CVE-2026-40324 in ChilliCream Hot Chocolate allows attackers to crash GraphQL workers via deeply nested queries (StackOverflowException). Denial of service risk. Patch to 12.22.7, 13.9.16, 14.3.1, 15.1.14. Details: https://radar.offseq.com/threat/cve-2026-40324-cwe-674-uncontrolled-recursion-in-c-0796aaf1 #OffSeq #CVE202640324 #GraphQL #DoS
Overview
- composer
- composer
Statistics
- 1 Post
Overview
- composer
- composer
Statistics
- 1 Post
Overview
- Microsoft
- Windows 10 Version 1607
Statistics
- 1 Post