3 matches found
EUVD-2026-24182
blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attempts are processed at full network speed with no IP-based rate limiting, no per-account attempt counter, no temporary lockout, no progressiv...
Brute Force
Overview Affected versions of this package are vulnerable to Brute Force via the AssumeRoleWithLDAPIdentity endpoint, which exposes distinguishable error messages and lacks rate limiting. An attacker can enumerate valid LDAP usernames and perform unlimited password guessing to obtain temporary...
dify 安全漏洞
dify is an open source LLM application development platform from LangGenius Open Source. A security vulnerability exists in dify version v0.10.1, which stems from an unlimited number of password reset code guessing attempts, which could lead to a fully cracked account...