CVE-2026-22601

creationtimestamp| type| source ---|---|--- 2026-01-10 03:02:22+00:00| published-proof-of-concept| Telegram/Nl1nJ7oKFPgxJQcjsLBwT7qdFTbkUrNVanLI6gM4hULEEs 2026-01-10 03:55:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mc24hsaai52q...

CVE-2023-22601

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this...

CVE-2022-22601

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution...

CVE-2025-22601

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

CVE-2025-22601

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

CVE-2025-22601 Client Side Path Traversal using activate account route in Discourse

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

CVE-2025-22601 Client Side Path Traversal using activate account route in Discourse

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the activate-account route. This problem has been patched in the latest version of Discourse. Users are...

CVE-2025-22601

CVE-2025-22601 affects Discourse via the activate-account route; a crafted link could cause a target user to modify their own username. The issue is tied to a client-side path traversal in affected Discourse releases. According to sources, the vulnerability has been patched in the latest Discours...

CVE-2024-22601

creationtimestamp| type| source ---|---|--- 2024-02-12 14:41:52+00:00| seen| https://t.me/ctinow/183126 2025-06-20 18:42:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19037...

CVE-2024-22601

CVE-2024-22601 concerns FlyCms v1.0 and a CSRF vulnerability exploitable at the API endpoint /system/score/scorerule_save. The connected documents consistently describe a Cross-Site Request Forgery issue in FlyCms 1.0, with the underlying risk indicated as high (CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:U...

CVE-2023-22601

creationtimestamp| type| source ---|---|--- 2023-05-16 17:37:53+00:00| seen| https://t.me/truesecator/4386...

CVE-2023-22601

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this...

CVE-2023-22601

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this...

CVE-2022-22601

CVE-2022-22601 corresponds to an Apple Xcode out-of-bounds read vulnerability. The connected documents confirm a flaw in Xcode that can be triggered by opening a maliciously crafted file, potentially causing unexpected termination or arbitrary code execution. The issue is addressed by improved bo...

About the security content of Xcode 13.3

About the security content of Xcode 13.3 This document describes the security content of Xcode 13.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...