5 matches found
BIT-MASTODON-2026-23961 Mastodon may allow a remote suspension bypass
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23961
Summary of CVE-2026-23961 (Mastodon): A logic flaw in how suspended remote users are handled allows old posts from those users to appear in timelines, and under some circumstances, newly created posts from suspended users can be processed and surfaced. Affected releases span multiple lines: v4.5....
CVE-2026-23961 Mastodon may allow a remote suspension bypass
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2025-0593
creationtimestamp| type| source ---|---|--- 2025-02-14 20:26:29+00:00| seen| https://infosec.exchange/users/cve/statuses/114004118016579859 2025-02-14 21:15:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li64qtpuri2x 2025-02-14 22:10:55+00:00| seen|...
CVE-2024-9939
creationtimestamp| type| source ---|---|--- 2025-01-07 21:01:04+00:00| seen| https://bsky.app/profile/abrahack.bsky.social/post/3lf6k7fj6x22d 2025-01-08 08:34:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113791814054818001 2025-01-08 09:12:49+00:00| published-proof-of-concept|...