2844 matches found
CVE-2026-27632
Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery CSRF protections on critical state-changing endpoints, specifically within SubmitChat.php and other game interaction handlers. By...
CVE-2026-27632
Talishar (fan-made Flesh and Blood project) has a CSRF vulnerability in state-changing endpoints such as SubmitChat.php prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48. An attacker who knows the gameName and playerID and the user is browsing a malicious site can forge requests to perform...
EUVD-2026-8603
Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery CSRF protections on critical state-changing endpoints, specifically within SubmitChat.php and other game interaction handlers. By...
PT-2026-21847
Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery CSRF protections on critical state-changing endpoints, specifically within SubmitChat.php and other game interaction handlers. By...
Orbital Escalation: Modeling Satellite Ransomware Attacks Using Game Theory
Ransomware has yet to reach orbit, but the conditions for such an attack already exist. This paper presents the first game-theoretic framework for modeling ransomware against satellites: the orbital escalation game. In this model, the attacker escalates ransom demands across orbital passes, while...
OGP-Website 安全漏洞
OGP-Website is a software developed under the Open Game Panel open source framework. OGP-Website has a security vulnerability that stems from type confusion, which may lead to authentication bypass...
PoC-AntiAutoclicker
PoC-AntiAutoclicker Th...
Secrecy and Verifiability: An Introduction to Electronic Voting
Democracies are built upon secure and reliable voting systems. Electronic voting systems seek to replace ballot papers and boxes with computer hardware and software. Proposed electronic election schemes have been subjected to scrutiny, with researchers spotting inherent faults and weaknesses...
The game is over: when “free” comes at too high a price. What we know about RenEngine
We often describe cases of malware distribution under the guise of game cheats and pirated software. Sometimes such methods are used to spread complex malware that employs advanced techniques and sophisticated infection chains. In February 2026, researchers from Howler Cell announced the discover...
Apple多款产品 安全漏洞
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logging issue in the Game Center component wh...
UBUNTU-CVE-2026-25918
unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2 , the sign-package command in @rage-against-the-pixel/unity-cli logs sensitive credentials in plaintext when the --verbose flag is used. Command-line arguments including --email and --password are output via...
CVE-2026-25546
Godot MCP is a Model Context Protocol MCP server for interacting with the Godot game engine. Prior to version 0.1.1, a command injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlled input e.g., projectPath directly to exec, which...
CVE-2026-25144
Talishar is a fan-made Flesh and Blood project. A Stored XSS exists in the chat in-game system. The playerID parameter in SubmitChat.php and is saved without sanitization and executed whenever a user view the current page game. This vulnerability is fixed by 09dd00e5452e3cd998eb1406a88e5b0fa868e6...
[SECURITY] Fedora 42 Update: openttd-15.1-1.fc42
OpenTTD is modeled after a popular transportation business simulation game by Chris Sawyer and enhances the game experience dramatically. Many features were inspired by TTDPatch while others are original...
CVE-2026-25144
Talishar is a fan-made Flesh and Blood project. A Stored XSS exists in the chat in-game system. The playerID parameter in SubmitChat.php and is saved without sanitization and executed whenever a user view the current page game. This vulnerability is fixed by 09dd00e5452e3cd998eb1406a88e5b0fa868e6...
PT-2026-5728
Name of the Vulnerable Software and Affected Versions Talishar affected versions not specified Description A Stored Cross-Site Scripting XSS issue exists within the in-game chat system. The playerID parameter in the 'SubmitChat.php' file is saved without proper sanitization. This unsanitized data...
Talishar 跨站脚本漏洞
Talishar is an open-source game client developed by Talishar. Talishar has a cross-site scripting vulnerability, which stems from the lack of cleaning and escaping of the playerID parameter. This vulnerability may lead to storage-based cross-site scripting attacks...
VulnCheck KEV: CVE-2025-61155
The GameDriverX64.sys kernel-mode anti-cheat driver v7.23.4.7 and earlier contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context...
Phantom Malware in Android Game Mods Hijacks Devices for Ad Fraud
Another day, another Android malware strain. This time, Phantom malware aka Android.Phantom is targeting users who install third-party gaming apps from unofficial sources...
Minecraft-Rcon-Manage security vulnerability
Minecraft-Rcon-Manage is a game server framework developed by MemoryCache’s individual developers. Versions of Minecraft-Rcon-Manage prior to version 3 contained security vulnerabilities, which stemmed from improper control over code generation, potentially leading to code injection attacks...