CVE-2026-4837 Eval Injection in Rapid7 Insight Agent

An eval injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to achieve remote code execution as root via a crafted beacon response. Because the Agent uses mutual TLS mTLS to verify commands from the Rapid7 Platform, it is...

Microsoft Azure PlayFab 安全漏洞

Microsoft Azure PlayFab is a gaming backend platform from Microsoft Corporation in the United States. A security vulnerability exists in Microsoft Azure PlayFab that stems from elevation of privilege...

TikTok: Chain Vulnerability lead to Full Control Group Live Accounts & Undeletable Creator

A vulnerability was discovered in a TikTok LIVE backend platform that could have allowed a user to gain access controls beyond their account privileges. The vulnerability was reported by @eneri...

PT-2023-6603 · Appwrite · Appwrite

Name of the Vulnerable Software and Affected Versions: Appwrite versions up to v1.2.1 Description: The issue is related to insufficient validation of incoming requests in the /v1/avatars/favicon component of the Appwrite backend platform for developing mobile and web applications. This allows a...