265 matches found
GHSA-HC36-C89J-5F4J bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)
Unverified certifier signatures persisted by acquirecertificate Affected packages Both bsv-sdk and bsv-wallet are published from the sgbett/bsv-ruby-sdk repository. The vulnerable code lives in lib/bsv/walletinterface/walletclient.rb, which is physically shipped inside both gems the...
CVE-2026-35063
CVE-2026-35063 concerns OpenPLC_V3 REST API: an endpoint checks for JWT but does not verify the caller’s role. This allows any authenticated user with role=user to delete other users (including admins) by specifying a user_id, or to create new accounts with role=admin, effectively escalating to f...
CVE-2026-40070
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClientacquirecertificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisitionprotocol: 'direct', the caller supplies all...
BSV Ruby SDK 数据伪造问题漏洞
BSV Ruby SDK is a Ruby development toolkit developed by Simon Bettison for BSV blockchain. Versions of the BSV Ruby SDK from 0.3.1 to 0.8.2 had a data manipulation vulnerability. This vulnerability stemmed from the lack of signature verification when storing certificate records, which could allow...
PT-2026-31672
Name of the Vulnerable Software and Affected Versions BSV Ruby SDK versions 0.3.1 through 0.8.1 BSV Ruby Wallet versions 0.1.2 through 0.3.3 Description The BSV Ruby SDK and Wallet contain a flaw in the acquire certificate function, which does not verify the certifier's signature over the...
CVE-2026-3480
The WP Blockade plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 0.9.14. The plugin registers an adminpost action hook 'wp-blockade-shortcode-render' that maps to the rendershortcodepreview function. This function lacks any capability check...
WordPress plugin BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-32144
A flaw was found in Erlang OTP publickey. This improper certificate validation vulnerability allows a remote attacker to bypass Online Certificate Status Protocol OCSP designated-responder authorization. The vulnerability stems from missing signature verification during OCSP response validation,...
CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification
Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...
PT-2026-31050
The Download Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in the actions handler and bulk actions handler methods in class-dlm-downloads-path.php in all versions up to, and including, 5.1.10. This is due to missing nonce verification on these functions. This makes it...
PT-2026-30715
Brave CMS is an open-source CMS. Prior to 2.0.6, an Insecure Direct Object Reference IDOR vulnerability exists in the article image deletion feature. It is located in app/Http/Controllers/Dashboard/ArticleController.php within the deleteImage method. The endpoint accepts a filename from the URL b...
CVE-2026-26928
SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed b...
PT-2026-30244
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...
EUVD-2026-18354
Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...
CVE-2026-33746
Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...
EUVD-2026-17162
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...
CVE-2026-33730 Open Source Point of Sale has an IDOR in Password Change (Home)
Open Source Point of Sale opensourcepos is a web based point of sale application written in PHP using CodeIgniter framework. Prior to version 3.4.2, an Insecure Direct Object Reference IDOR vulnerability allows an authenticated low-privileged user to access the password change functionality of...
PT-2026-28623
Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description AVideo is an open source video platform. The get api video file and get api video API endpoints do not verify video passwords for password-protected videos. This allows an unauthenticated...
CVE-2026-31944
LibreChat is a ChatGPT clone with additional features. From 0.8.2 to 0.8.2-rc3, The MCP Model Context Protocol OAuth callback endpoint accepts the redirect from the identity provider and stores OAuth tokens for the user who initiated the flow, without verifying that the browser hitting the redire...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verifying the length of individual options in the fingerprint. This vulnerability may lead ...