PT-2026-46931

An Improper Authentication vulnerability in the /api/Cdn/GetFile endpoint of linqi allows unauthenticated, remote attackers to bypass file access controls. The ValidateAnonFileAccess function incorrectly grants access if an 'AnonFile' query parameter containing exactly 256 characters is provided...

Mattermost 安全漏洞

Mattermost Server is the United States Mattermost company's set of open source messaging platform. An Access Control Error vulnerability exists in Mattermost Server, which can be exploited by an attacker to bypass access restrictions and obtain metadata about public scripts...