
23046 matches found

GithubExploit
added 2026/01/30 3:52 a.m., 148 views

CyberSec-PAF-CTF-2026-writeup

CyberSec PAF CTF 2026 🚩 Hosted by the PAF-IAST Cyber-Sec So...

5.9 AI score
Exploits: 0
RedhatCVE
added 2026/01/30 3:24 a.m., 4 views

CVE-2025-69929

An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on the client side using the MD5 algorithm over a predictable string format...

9.8 CVSS, 6 AI score, 0.00406 EPSS
Exploits: 1, References: 1
SUSE CVE
added 2026/01/30 12:31 a.m., 6 views

SUSE CVE-2025-45160

An HTML injection vulnerability exists in the file upload functionality of Cacti , , into the rendered page. NOTE: Multiple third parties, including the maintainer, have stated that they cannot reproduce this issue after 1.2.27...

5.4 CVSS, 5.5 AI score, 0.002 EPSS
Exploits: 1, References: 3
OSV
added 2026/01/29 8:16 p.m., 1 view

CVE-2025-69929

An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on the client side using the MD5 algorithm over a predictable string format...

9.8 CVSS, 5.9 AI score, 0.00406 EPSS
Exploits: 1, References: 4
NVD
added 2026/01/29 8:16 p.m., 6 views

CVE-2025-69929

An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on the client side using the MD5 algorithm over a predictable string format...

9.8 CVSS, 0.00406 EPSS
Exploits: 1, References: 4
UbuntuCve
added 2026/01/29 6:16 p.m., 3 views

CVE-2025-45160

An HTML injection vulnerability exists in the file upload functionality of Cacti , , into the rendered page. NOTE: Multiple third parties, including the maintainer, have stated that they cannot reproduce this issue after 1.2.27...

5.4 CVSS, 5.8 AI score, 0.002 EPSS
Exploits: 1, References: 3
RedHat Linux
added 2026/01/29 2:13 p.m., 4 views

gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based buffer overflow

A flaw was found in GIMP. This heap-based buffer overflow vulnerability in the JP2 file parsing component allows a remote attacker to execute arbitrary code. Exploitation requires user interaction, where the target must open a specially crafted malicious JP2 file. Successful exploitation can lead...

7.8 CVSS, 6.3 AI score, 0.00539 EPSS
Exploits: 0, References: 6
EUVD
added 2026/01/29 12:00 a.m., 2 views

EUVD-2025-206538

An HTML injection vulnerability exists in the file upload functionality of Cacti , , into the rendered page...

5.4 CVSS, 6 AI score, 0.002 EPSS
Exploits: 1, References: 2
CVE
added 2026/01/29 12:00 a.m., 14 views

CVE-2025-69929

CVE-2025-69929 affects N3uron Web User Interface v1.21.7-240207.1047. The issue is a client-side password hashing flaw using MD5 over a predictable string format, enabling a remote attacker to escalate privileges. The CVE entry is marked with a critical base score (9.8) and a network attack vecto...

9.8 CVSS, 6 AI score, 0.00406 EPSS
Exploits: 1, References: 4, Affected Software: 1
Positive Technologies
added 2026/01/29 12:00 a.m., 3 views

PT-2026-5309

An HTML injection vulnerability exists in the file upload functionality of Cacti , , into the rendered page...

6 AI score, 0.002 EPSS
Exploits: 1, References: 2
Vulnrichment
added 2026/01/29 12:00 a.m., 3 views

CVE-2025-45160

An HTML injection vulnerability exists in the file upload functionality of Cacti , , into the rendered page. NOTE: Multiple third parties, including the maintainer, have stated that they cannot reproduce this issue after 1.2.27...

5.4 AI score, 0.002 EPSS
Exploits: 1, References: 2
Packet Storm
added 2026/01/29 12:00 a.m., 186 views

Samsung libimagecodec.quram.so Buffer Overflow / Denial of Service

This proof of concept demonstrates a denial of service vulnerability in Samsung's libimagecodec.quram.so JPEG decoder. By crafting a structurally valid JPEG file with maliciously large image dimensions (height 65535, width 2862) in the SOF0 marker, the decoder performs unsafe size calculations duri...

7.5 CVSS, 5.9 AI score, 0.00215 EPSS
Exploits: 1
NVD
added 2026/01/28 10:15 p.m., 6 views

CVE-2026-24857

bulk_extractor is a digital forensics exploitation tool. Starting in version 1.4, bulk_extractor’s embedded unrar code has a heap-buffer-overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out-of-bounds write in Unpack::CopyString, leading to a crash under ASAN and...

9.8 CVSS, 0.00373 EPSS
Exploits: 1, References: 1
EUVD
added 2026/01/28 11:43 a.m., 5 views

EUVD-2026-4895

Stored Cross-Site Scripting (XSS) vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can upload a malicious PDF file containing an XSS payload, which will be executed in the user's context when they download and open the file via the link...

6.9 CVSS, 6 AI score, 0.00243 EPSS
Exploits: 0, References: 1
Cvelist
added 2026/01/28 11:43 a.m., 26 views

CVE-2026-0483 Stored Cross-Site Scripting (XSS) vulnerability in LiveHelperChat

Stored Cross-Site Scripting (XSS) vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can upload a malicious PDF file containing an XSS payload, which will be executed in the user's context when they download and open the file via the link...

6.9 CVSS, 0.00243 EPSS
Exploits: 0, References: 1
EUVD
added 2026/01/27 4:01 p.m., 8 views

EUVD-2025-206393

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12_item_decrypt_d2i_ex...

6.2 AI score, 0.00817 EPSS
Exploits: 1, References: 6
OSV
added 2026/01/27 9:58 a.m., 2 views

CLSA-2026-1769507907 Fix CVE(s): CVE-2024-50349

SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode : in credential_format, sanitize the user prompt - CVE-2024-50349...

4.7 CVSS, 7.5 AI score, 0.00643 EPSS
Exploits: 0, References: 1
OSV
added 2026/01/27 9:54 a.m., 2 views

CLSA-2026-1769507695 Fix CVE(s): CVE-2024-50349

SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode : in credential_format, sanitize the user prompt - CVE-2024-50349...

4.7 CVSS, 7.5 AI score, 0.00643 EPSS
Exploits: 0, References: 1
Fedora
added 2026/01/27 6:43 a.m., 6 views

[SECURITY] Fedora 42 Update: ghostscript-10.05.1-6.fc42

This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript (PS) and Portable Document Format (PDF) page description...

5.5 CVSS, 5.8 AI score, 0.00188 EPSS
Exploits: 0
Tenable Nessus
added 2026/01/27 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-22795

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing...

5.5 CVSS, 5.6 AI score, 0.00144 EPSS
Exploits: 1, References: 3