CVE-2026-45289

CloudburstMC Protocol (Minecraft Bedrock Edition) has a vulnerability in the EncryptionUtils validation for FULL type auth tokens prior to version 3.0.0.Beta12-20260420.182526-15. Exploitation affects software depending on this protocol library by potentially weakening authentication payload vali...

CVE-2026-42188

Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Prior to 2.9.3, a server-side request forgery SSRF vulnerability exists in Geyser’s handling of Bedrock player head texture data. By supplying a crafted Base64-encoded skin texture URL via the /give command, an...

CVE-2021-39177

Summary: CVE-2021-39177 affects Geyser versions prior to 1.4.2-SNAPSHOT, where an attacker who can connect to a server can forge a LoginPacket with a manipulated JWT token to impersonate any user. The issue is mitigated by upgrading to 1.4.2-SNAPSHOT or later, which includes a patch. Other workar...

Github Geyser授权问题漏洞

Github Geyser is Geyser is the bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition, bridging the gap between those who want to play truly cross-platform. Geyser 1.4.2-SNAPSHOT Previous versions of Geyser 1.4.2-SNAPSHOT had an authorization issue vulnerability that stemmed from...