Lucene search
+L

2844 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/25 2:52 a.m.4 views

CVE-2026-27632

Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery CSRF protections on critical state-changing endpoints, specifically within SubmitChat.php and other game interaction handlers. By...

3.1CVSS5.5AI score0.00092EPSS
Exploits1References2
CVE
CVE
added 2026/02/25 2:52 a.m.19 views

CVE-2026-27632

Talishar (fan-made Flesh and Blood project) has a CSRF vulnerability in state-changing endpoints such as SubmitChat.php prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48. An attacker who knows the gameName and playerID and the user is browsing a malicious site can forge requests to perform...

3.1CVSS5.6AI score0.00092EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/02/25 2:52 a.m.8 views

EUVD-2026-8603

Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery CSRF protections on critical state-changing endpoints, specifically within SubmitChat.php and other game interaction handlers. By...

2.6CVSS5.6AI score0.00092EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.11 views

PT-2026-21847

Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery CSRF protections on critical state-changing endpoints, specifically within SubmitChat.php and other game interaction handlers. By...

2.6CVSS5.5AI score0.00092EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.5 views

Orbital Escalation: Modeling Satellite Ransomware Attacks Using Game Theory

Ransomware has yet to reach orbit, but the conditions for such an attack already exist. This paper presents the first game-theoretic framework for modeling ransomware against satellites: the orbital escalation game. In this model, the attacker escalates ransom demands across orbital passes, while...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.10 views

OGP-Website 安全漏洞

OGP-Website is a software developed under the Open Game Panel open source framework. OGP-Website has a security vulnerability that stems from type confusion, which may lead to authentication bypass...

10CVSS5.8AI score0.00382EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/02/15 5:17 p.m.145 views

PoC-AntiAutoclicker

PoC-AntiAutoclicker Th...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.5 views

Secrecy and Verifiability: An Introduction to Electronic Voting

Democracies are built upon secure and reliable voting systems. Electronic voting systems seek to replace ballot papers and boxes with computer hardware and software. Proposed electronic election schemes have been subjected to scrutiny, with researchers spotting inherent faults and weaknesses...

5.7AI score
Exploits0
Securelist
Securelist
added 2026/02/11 2:0 p.m.7 views

The game is over: when “free” comes at too high a price. What we know about RenEngine

We often describe cases of malware distribution under the guise of game cheats and pirated software. Sometimes such methods are used to spread complex malware that employs advanced techniques and sophisticated infection chains. In February 2026, researchers from Howler Cell announced the discover...

6AI score
Exploits0
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logging issue in the Game Center component wh...

7.5CVSS5.8AI score0.00228EPSS
Exploits0References5
OSV
OSV
added 2026/02/09 10:16 p.m.7 views

UBUNTU-CVE-2026-25918

unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2 , the sign-package command in @rage-against-the-pixel/unity-cli logs sensitive credentials in plaintext when the --verbose flag is used. Command-line arguments including --email and --password are output via...

5.9CVSS5.8AI score0.00132EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/04 9:48 p.m.6 views

CVE-2026-25546

Godot MCP is a Model Context Protocol MCP server for interacting with the Godot game engine. Prior to version 0.1.1, a command injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlled input e.g., projectPath directly to exec, which...

7.8CVSS6.4AI score0.00853EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.6 views

CVE-2026-25144

Talishar is a fan-made Flesh and Blood project. A Stored XSS exists in the chat in-game system. The playerID parameter in SubmitChat.php and is saved without sanitization and executed whenever a user view the current page game. This vulnerability is fixed by 09dd00e5452e3cd998eb1406a88e5b0fa868e6...

5.3CVSS5.3AI score0.00251EPSS
Exploits0References1
Fedora
Fedora
added 2026/02/03 3:27 a.m.9 views

[SECURITY] Fedora 42 Update: openttd-15.1-1.fc42

OpenTTD is modeled after a popular transportation business simulation game by Chris Sawyer and enhances the game experience dramatically. Many features were inspired by TTDPatch while others are original...

5.3AI score
Exploits0
NVD
NVD
added 2026/02/02 11:16 p.m.8 views

CVE-2026-25144

Talishar is a fan-made Flesh and Blood project. A Stored XSS exists in the chat in-game system. The playerID parameter in SubmitChat.php and is saved without sanitization and executed whenever a user view the current page game. This vulnerability is fixed by 09dd00e5452e3cd998eb1406a88e5b0fa868e6...

5.3CVSS0.00251EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.9 views

PT-2026-5728

Name of the Vulnerable Software and Affected Versions Talishar affected versions not specified Description A Stored Cross-Site Scripting XSS issue exists within the in-game chat system. The playerID parameter in the 'SubmitChat.php' file is saved without proper sanitization. This unsanitized data...

5.3CVSS5.4AI score0.00251EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.9 views

Talishar 跨站脚本漏洞

Talishar is an open-source game client developed by Talishar. Talishar has a cross-site scripting vulnerability, which stems from the lack of cleaning and escaping of the playerID parameter. This vulnerability may lead to storage-based cross-site scripting attacks...

5.3CVSS5.6AI score0.00251EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/01/29 12:0 a.m.11 views

VulnCheck KEV: CVE-2025-61155

The GameDriverX64.sys kernel-mode anti-cheat driver v7.23.4.7 and earlier contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context...

5.5CVSS5.9AI score0.00275EPSS
In wildExploits2References2
HackRead
HackRead
added 2026/01/28 10:44 a.m.6 views

Phantom Malware in Android Game Mods Hijacks Devices for Ad Fraud

Another day, another Android malware strain. This time, Phantom malware aka Android.Phantom is targeting users who install third-party gaming apps from unofficial sources...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.11 views

Minecraft-Rcon-Manage security vulnerability

Minecraft-Rcon-Manage is a game server framework developed by MemoryCache’s individual developers. Versions of Minecraft-Rcon-Manage prior to version 3 contained security vulnerabilities, which stemmed from improper control over code generation, potentially leading to code injection attacks...

10CVSS5.9AI score0.00286EPSS
Exploits0References2
Rows per page
Query Builder