Arbitrary File Deletion

Gin-vue-admin is vulnerable to arbitrary file deletion. The vulnerability is due to improper validation of the FileMd5 parameter, which allows an attacker to manipulate file paths and delete arbitrary files or folders on the server...

CVE-2026-31839

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

Security update for python-Authlib

This update for python-Authlib fixes the following issues: CVE-2026-27962: JWS deserializecompact allows for signature bypass by accepting user-controlled embedded JWK as verification key bsc1259738. CVE-2026-28490: cryptographic padding oracle in JWE RSA15 key management algorithm bsc1259736...

CVE-2026-28498

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect OIDC ID Tokens. Specifically, the internal hash verification logic verifyhash...

CVE-2026-31839

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

CVE-2026-31839 Striae has a hash validation utility vulnerability

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

CVE-2026-31839

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

CVE-2026-31839 Striae has a hash validation utility vulnerability

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

CVE-2026-31839

Summary of CVE-2026-31839 (Striae) : A high-severity integrity bypass existed in Striae’s digital confirmation workflow prior to v3.0.0. Hash-only validation could be bypassed because trusted manifest hash fields could be modified alongside package content, allowing tampered confirmation packages...

CVE-2026-31839 Striae has a hash validation utility vulnerability

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

EUVD-2026-11240

Striae has a hash validation utility vulnerability...

Striae has a hash validation utility vulnerability

Summary A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered confirmation packages to pass integrity checks. Impac...

📄 Litespeed Cache 6.4.0.1 Privilege Escalation

WordPress Litespeed Cache plugin version 6.4.0.1 allows attackers to brute-force authentication hashes and create administrative users without any initial credentials...

CVE-2023-53894

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server...

CVE-2023-53894

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server...

PHP Filesystem Management Tool 安全漏洞

PHP Filesystem Management Tool is a system management tool by the individual developer Fabrício Seger Kolling. A security vulnerability exists in PHP Filesystem Management Tool version 1.7.9, which stems from a loose type comparison in password hash validation that could lead to an authentication...

CVE-2025-44016

CVE-2025-44016 – TeamViewer DEX Client (NomadBranch.exe) affects TeamViewer DEX Client Content Distribution Service on Windows prior to 25.11. A crafted request can bypass file integrity validation by supplying a valid hash for a malicious file, causing Nomad Branch to treat the file as trusted a...

CVE-2025-44016 File Hash Validation Bypass in NomadBranch.exe

A vulnerability in TeamViewer DEX Client former 1E client - Content Distribution Service NomadBranch.exe prior version 25.11 for Windows allows malicious actors to bypass file integrity validation via a crafted request. By providing a valid hash for a malicious file, an attacker can cause the...

CVE-2025-44016 File Hash Validation Bypass in NomadBranch.exe

A vulnerability in TeamViewer DEX Client former 1E client - Content Distribution Service NomadBranch.exe prior version 25.11 for Windows allows malicious actors to bypass file integrity validation via a crafted request. By providing a valid hash for a malicious file, an attacker can cause the...

EUVD-2021-21754

Malware in sbrugna...