22 matches found
CVE-2026-30949
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.5 and 8.6.18, the Keycloak authentication adapter does not validate the azp (authorized party) claim of Keycloak access tokens against the configured client-id. A valid acces...
EUVD-2026-10869
Parse Server missing audience validation in Keycloak authentication adapter...
EUVD-2026-10868
Parse Server missing audience validation in Keycloak authentication adapter...
GHSA-48MH-J4P5-7J9V Parse Server missing audience validation in Keycloak authentication adapter
Impact: The Keycloak authentication adapter does not validate the azp (authorized party) claim of Keycloak access tokens against the configured client-id. A valid access token issued by the same Keycloak realm for a different client application can be used to authenticate as any user on the Parse...
CVE-2026-30949 Parse Server is missing audience validation in Keycloak authentication adapter
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.5 and 8.6.18, the Keycloak authentication adapter does not validate the azp (authorized party) claim of Keycloak access tokens against the configured client-id. A valid acces...
PT-2026-24427
Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 9.5.2-alpha.5; Parse Server versions prior to 8.6.18. Description: Parse Server, an open source backend deployable on Node.js infrastructures, contains a flaw in its Keycloak authentication adapter. Specifically, th...
PT-2026-5648
A vulnerability in the lollms_generation_events.py component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The add_events function registers event handlers such as generate_text, cancel_generation, generate_msg, and generate_msg_from without...
[SECURITY] Fedora 43 Update: gpsd-3.26.1-6.fc43
gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...
EUVD-2023-27305
Malicious code in bioql PyPI...
CVE-2023-23205
An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multiclientserver/multiclientserver.c...
Nosy Layers, Noisy Fixes: Tackling DRAs in Federated Learning Systems Using Explainable AI
Federated Learning (FL) has emerged as a powerful paradigm for collaborative model training while keeping client data decentralized and private. However, it is vulnerable to Data Reconstruction Attacks (DRA) such as "LoKI" and "Robbing the Fed", where malicious models sent from the server to the clie...
Enhancing Noisy Functional Encryption for Privacy-Preserving Machine Learning
Functional encryption (FE) has recently attracted interest in privacy-preserving machine learning (PPML) for its unique ability to compute specific functions on encrypted data. A related line of work focuses on noisy FE, which ensures differential privacy in the output while keeping the data encrypte...
PT-2024-15406 · Silicon · Bluetooth Stack For Efr32
Name of the Vulnerable Software and Affected Versions: Silicon Labs' Bluetooth stack for EFR32 products (affected versions not specified). Description: A memory leak in the Bluetooth stack may cause memory to be exhausted when sending notifications to multiple clients, resulting in all Bluetooth...
pyFUD - Multi Clients FUD Reverse Shell
python3 based multi clients reverse shell. Warning: 1. Don't Upload Any Payloads To VirusTotal.com Because This tool will not work with Time. 2. VirusTotal Shares Signatures With AV Companies. 3. Again Don't be an Idiot! Installation: 1. git clone https://github.com/machine1337/pyFUD 2. python3...
Memory corruption
An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multiclientserver/multiclientserver.c...
MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c.
...
PwnLnX - An Advanced Multi-Threaded, Multi-Client Python Reverse Shell For Hacking Linux Systems
An advanced multi-threaded, multi-client Python reverse shell for hacking Linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a comput...