6265 matches found
CVE-2025-66960
creationtimestamp| type| source
---|---|---
2026-01-22 16:02:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkpfr7xc2a
2026-01-22 16:02:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkqenvk225...
CVE-2025-66959
creationtimestamp| type| source
---|---|---
2026-01-22 16:02:21+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkp76uic2r
2026-01-22 16:02:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkq56pmt2g...
CVE-2026-24006
creationtimestamp| type| source
---|---|---
2026-01-22 05:07:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcyg426q4t2h
2026-01-22 05:09:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcyg7jdntp23
2026-01-24 21:22:29+00:00| seen|...
CVE-2026-23967
creationtimestamp| type| source
---|---|---
2026-01-22 04:03:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycjlc4522h
2026-01-22 04:03:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcyckhdi7u2g
2026-01-22 04:04:54+00:00| seen|...
CVE-2026-23966
creationtimestamp| type| source
---|---|---
2026-01-22 04:03:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycjemu6x2h
2026-01-22 04:03:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcyckaez5c2o
2026-01-22 04:04:16+00:00| seen|...
CVE-2026-24010
creationtimestamp| type| source
---|---|---
2026-01-22 04:03:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycj5itac23
2026-01-22 04:03:36+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycjypyhr2x
2026-01-22 04:04:39+00:00| seen|...
CVE-2026-23961
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23962 Mastodon vulnerable to Denial of Service from a single post (client/server)
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...
CVE-2026-23962
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...
CVE-2026-23961
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23961 Mastodon may allow a remote suspension bypass
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23961
Summary of CVE-2026-23961 (Mastodon): A logic flaw in how suspended remote users are handled allows old posts from those users to appear in timelines, and under some circumstances, newly created posts from suspended users can be processed and surfaced. Affected releases span multiple lines: v4.5....
CVE-2026-23737
creationtimestamp| type| source
---|---|---
2026-01-22 00:00:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcxuwndae222
2026-01-22 01:38:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcy2gsutwl2m
2026-05-14 18:10:29+00:00| seen|...
WordPress plugin Carousel Horizontal Posts Content Slider has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-3985
Name of the Vulnerable Software and Affected Versions
flexostudio flexo-posts-manager versions through 1.0001
Description
The software contains a flaw due to improper handling of user-supplied data when creating web pages, which can lead to Reflected Cross-site Scripting (XSS). This allows an...
PT-2026-3898
Name of the Vulnerable Software and Affected Versions
Mastodon versions 4.2.26 through 4.2.29
Mastodon versions 4.3.13 through 4.3.17
Mastodon versions 4.4.5 through 4.4.11
Mastodon versions 4.5.0 through 4.5.4
Description
Mastodon is a social network server that allows administrators to suspend...
PT-2026-4205
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in subhansanjaya Carousel Horizontal Posts Content Slider (carousel-horizontal-posts-content-slider) allows DOM-Based XSS. This issue affects Carousel Horizontal Posts Content Slider: from n/a through =...
WordPress plugin flexo-posts-manager has cross-site scripting vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...