CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

EUVD-2010-4590

Malware in sbrugna...

EUVD-2025-16667

Malicious code in bioql PyPI...

CVE-2025-48941

MyBB is free and open source forum software. Prior to version 1.8.39, the search component does not validate permissions correctly, which allows attackers to determine the existence of hidden draft, unapproved, or soft-deleted threads containing specified text in the title. The visibility state...

CVE-2025-48941 MyBB may disclosure unviewable threads' titles in searches

MyBB is free and open source forum software. Prior to version 1.8.39, the search component does not validate permissions correctly, which allows attackers to determine the existence of hidden draft, unapproved, or soft-deleted threads containing specified text in the title. The visibility state...

CVE-2025-48941 MyBB may disclosure unviewable threads' titles in searches

MyBB is free and open source forum software. Prior to version 1.8.39, the search component does not validate permissions correctly, which allows attackers to determine the existence of hidden draft, unapproved, or soft-deleted threads containing specified text in the title. The visibility state...

MyBB 安全漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A security vulnerability exists in MyBB versions prior to 1.8.39, which stems from the search componen...

GMER - Automating Rootkit Analyzer Released

GMER - Automating Rootkit Analyzer Released GMER is an application that detects and removes rootkits . It scans for: hidden processes hidden threads hidden modules hidden services hidden files hidden disk sectors MBR hidden Alternate Data Streams hidden registry keys drivers hooking SSDT drivers...

CVE-2010-4625

MyBB aka MyBulletinBoard before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page...

CVE-2010-4625

MyBB aka MyBulletinBoard before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page...