CVE-2026-25540 Mastodon's signature-dependent ActivityPub collection responses cached under signature-independent keys (Web Cache Poisoning via `Rails.cache`)

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.3.19, 4.4.13, 4.5.6, Mastodon is vulnerable to web cache poisoning via Rails.cache. When AUTHORIZEDFETCH is enabled, the ActivityPub endpoints for pinned posts and featured hashtags have contents that...