CVE-2026-40591 FreeScout: Improper Authorization in Phone Conversation Creation Enables Cross-Mailbox Hidden Customer Modification

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled customerid, name, toemail, and phone values and resolves the target customer in the backend without enforcing mailbox-scoped customer visibility...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.214 contained security vulnerabilities. These vulnerabilities stemmed from the phone conversation creation process, which...

Eavesdropping on Phone Conversations Through Vibrations

Researchers have managed to eavesdrop on cell phone voice conversations by using radar to detect vibrations. It's more a proof of concept than anything else. The radar detector is only ten feet away, the setup is stylized, and accuracy is poor. But it's a start...

NSA RETRO Tool Collects Content of Phone Calls

The latest in the slow but steady trickle of leaks dripping out of NSA whistleblower Edward Snowden reportedly shows that the U.S. spying agency has the capacity to recall entire foreign phone call conversations for as long a month after the fact. The program, according to a Washington Post repor...