Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/06/19 8:46 p.m.8 views

CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.

Impact A CoreWCF service is running and listening on a Kafka topic receiving a null-value record will stop processing new records from that topic. Preconditions The attacker has produce/write permission on a topic that CoreWCF is consuming from. If the broker permits anonymous publishes, no...

6.5CVSS5.9AI score0.00336EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/19 8:46 p.m.6 views

GHSA-M744-JHQ9-PPW6 CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.

Impact A CoreWCF service is running and listening on a Kafka topic receiving a null-value record will stop processing new records from that topic. Preconditions The attacker has produce/write permission on a topic that CoreWCF is consuming from. If the broker permits anonymous publishes, no...

6.5CVSS5.9AI score0.00336EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 3:50 p.m.13 views

CVE-2026-35443 NamelessMC: Forum reactions bypass the "view own topics only" restriction

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/26 7:58 p.m.0 views

CVE-2026-27162 DIscourse doesn't prevent whispers to leak in excerpts

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, postsnearby was checking topic access but then returning all posts regardless of type, including whispers that should only be visible to whisperers. Use Post.securedguardian to properly filter po...

7.1CVSS5.9AI score0.00227EPSS
Exploits0References1
Rows per page
Query Builder