531 matches found
CVE-2026-27787
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product...
CVE-2026-27145

creationtimestamp | type | source
---|---|---
2026-06-03 09:00:04+00:00 | seen | Telegram/5i-pTes7Ja8Uhuw9wP6auiAd2fWyZYO3DYvaqIbmREm4
2026-06-03 12:00:59+00:00 | seen | https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mnf2r6hlix2f...

CVE-2026-10179

creationtimestamp | type | source
---|---|---
2026-05-31 13:23:54+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mn5nyomfww2f
2026-05-31 13:28:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mn5obdkwxa2m
2026-05-31 17:02:28+00:00 | seen | ...

GHSA-3V3M-WC6V-X4X3

creationtimestamp | type | source
---|---|---
2026-05-04 08:45:23+00:00 | seen | https://bsky.app/profile/mfahlandt.bsky.social/post/3mkzbtsjhx52w
2026-05-08 20:47:09+00:00 | seen | https://bsky.app/profile/kubonai.bsky.social/post/3mlem23uryx2s
2026-05-13 14:46:52+00:00 | seen | ...

GCVE-1-2026-0028

creationtimestamp | type | source
---|---|---
2026-04-29 19:43:54+00:00 | seen | https://social.circl.lu/users/cedric/statuses/116489704812221144...

CVE-2026-41309
OSSN versions before 9.0 are vulnerable to resource exhaustion via image processing. An attacker can upload an extremely large image (e.g., 10000×10000), causing the server to allocate substantial memory and CPU during decompression and resizing, leading to DoS. The advisories recommend upgrading...
PT-2026-34840
Open Source Social Network (OSSN) is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions, e.g., $10000 \times 10000$ pixels. While the compressed file size ...
Open Source Social Network (OSSN) resource management error vulnerability
Open Source Social Network (OSSN) is a social network engine developed by the OSSN team in Switzerland. Prior to version 9.0 of Open Source Social Network (OSSN), there was a resource management vulnerability. This vulnerability stemmed from resource exhaustion, which could allow attackers to upload...
CERTFR-2026-ACT-016

creationtimestamp | type | source
---|---|---
2026-04-13 09:31:53+00:00 | seen | https://social.numerique.gouv.fr/users/certfr/statuses/116396701141864601
2026-04-14 13:28:56+00:00 | seen | https://bsky.app/profile/macsouverain.bsky.social/post/3mjhiefzp3q2z
2026-04-15 09:38:44+00:00 | seen | ...

CVE-2026-3371

creationtimestamp | type | source
---|---|---
2026-04-11 02:16:33+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mj6rfdrtl62r...

CVE-2026-33703
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the /social-network/personal-data/{userId} endpoint allows any authenticated user to access full personal data and API tokens of arbitrary users by modifying the userId...
CVE-2026-33703
CVE-2026-33703 affects Chamilo LMS prior to version 2.0.0-RC.3. An Insecure Direct Object Reference (IDOR) vulnerability exists in the /social-network/personal-data/{userId} endpoint, allowing any authenticated user to access full personal data and API tokens of arbitrary users by altering the us...
Chamilo LMS security vulnerability
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 2.0.0-RC.3 contained security vulnerabilities. These vulnerabilities stemmed fr...
PT-2026-32016
Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 2.0.0-RC.3. Description: Chamilo LMS, a learning management system, contains an Insecure Direct Object Reference (IDOR) vulnerability in the /social-network/personal-data/{userId} API endpoint. An authenticated user can...
EUVD-2026-20341
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jongmyoung Kim Korea SNS korea-sns allows DOM-Based XSS. This issue affects Korea SNS: from n/a through = 1.7.0...
CVE-2026-27787
MATCHA SNS contains a cross-site scripting vulnerability (CVE-2026-27787) affecting version 1.3.9 and earlier. The root cause is an XSS flaw that could allow arbitrary script execution in a user’s browser when visiting a compromised page. Public sources in connected documents confirm affected ver...
CVE-2026-33615

creationtimestamp | type | source
---|---|---
2026-04-02 09:04:05+00:00 | seen | https://infosec.exchange/users/certvde/statuses/116334306568810530
2026-04-02 09:04:13+00:00 | seen | https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3miitxsrop2j2
2026-04-02 11:20:58+00:00 | seen | ...

CVE-2026-5321

creationtimestamp | type | source
---|---|---
2026-04-02 06:21:12+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3miikuiyug32z...

Code-Projects Social Networking Site SQL injection vulnerability
Code-Projects Social Networking Site is an open-source social networking site developed by Code-Projects. Version 1.0 of Code-Projects Social Networking Site has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file deletephotos.php, whic...