SOCFortress CoPilot 授权问题漏洞

SOCFortress CoPilot is an open-source unified security operations platform developed by SOCFortress. Versions of SOCFortress CoPilot prior to 0.1.57 contained authorization-related vulnerabilities. These vulnerabilities stemmed from a hardcoded JWT signing key being used as a backup value, and th...

CVE-2026-25505

Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...

CVE-2026-25505

Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...

Open5GS security vulnerabilities

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Open5GS has a security vulnerability, which stems from the use of a hardcoded JWT signing key...

EUVD-2025-30193

Malicious code in bioql PyPI...

PT-2025-38480

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The secret used for validating authentication tokens is hardcoded in device firmware. An attacker who obtains the signing key can bypass authentication, gaining...

KubePi 信任管理问题漏洞

KubePi is a K8s panel. It allows administrators to import multiple Kubernetes clusters and assign permissions for different clusters, namespaces to specified users through permission control. KubePi 1.6.2 and prior versions have a trust management issue vulnerability that stems from its jwt...