GHSA-CJW9-GHJ4-FWXF fast-jwt has a ReDoS when using RegExp in allowed* leading to CPU exhaustion during token verification
⚠️ IMPORTANT CLARIFICATIONS
Affected Configurations
This vulnerability ONLY affects applications that:
- Use RegExp objects (not strings) in the allowedAud, allowedIss, allowedSub, allowedJti, or allowedNonce options
- Configure patterns susceptible to catastrophic backtracking
- Example: allowedAud...
fast-jwt: Stateful RegExp (/g or /y) causes non-deterministic allowed-claim validation (logical DoS)
Impact Using certain modifiers on RegExp objects in the allowedAud, allowedIss, allowedSub, allowedJti, or allowedNonce options in verify functions can cause certain unintended behaviours. This is because some modifiers are stateful and will cause failures in every second verification attempt...
CVE-2026-35040
CVE-2026-35040 affects the fast-jwt library prior to version 6.2.1. The issue involves stateful RegExp modifiers /g and /y used in allowedAud, allowedIss, allowedSub, allowedJti, or allowedNonce verify options, which can cause 50% of valid authentication attempts to fail in an alternating pattern...
D-Link DIR-816 Access Control Error Vulnerability
The D-Link DIR-816 is a wireless router produced by D-Link Corporation. The D-Link DIR-816 1.10CNB05 version has a vulnerability related to access control. This vulnerability stems from incorrect handling of the parameter tokenid in the file redirect.asp, which may lead to improper access control...
CVE-2026-4180
A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument tokenid leads to improper access controls. The attack may be initiated remotely. The exploit is publicly...
CVE-2026-4180 D-Link DIR-816 goahead redirect.asp access control
A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument tokenid leads to improper access controls. The attack may be initiated remotely. The exploit is publicly...
PT-2026-25554
A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument tokenid leads to improper access controls. The attack may be initiated remotely. The exploit is publicly...
NocoDB Missing Ownership Validation in MCP Token Operations
Summary The MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. Details McpTokenService.get, regenerateToken, and delete did not filter by fkuserid. The analogous...
GHSA-P9X3-W98F-7J3Q NocoDB Missing Ownership Validation in MCP Token Operations
Summary The MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. Details McpTokenService.get, regenerateToken, and delete did not filter by fkuserid. The analogous...
CVE-2026-27840 ZITADEL's truncated opaque tokens are still valid
ZITADEL is an open source identity management platform. Starting in version 2.31.0 and prior to versions 3.4.7 and 4.11.0, opaque OIDC access tokens in the v2 format truncated to 80 characters are still considered valid. Zitadel uses a symmetric AES encryption for opaque tokens. The cleartext...
CVE-2025-55210
FreePBX is an open-source web-based graphical user interface (GUI) that manages Asterisk. Prior to 17.0.5 and 16.0.17, the FreePBX module "api" (PBX API) is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT wit...
PT-2025-47422
The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.10.0 via the REST API endpoint and AJAX handler due to missing validation on user-controlled keys. This makes it possible for unauthenticated attackers to...
CVE-2025-57618
CVE-2025-57618 describes a path traversal vulnerability in StarNet FastX3 up to version 3.3.67. An unauthenticated attacker can read arbitrary server files, including configuration files containing the JWT signing secret and existing JTIs. This enables forging valid JWTs, potentially impersonatin...
EUVD-2024-42272
Malicious code in bioql PyPI...
CVE-2024-47089
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating the transaction token ID in the API request leading to unauthorized access and...
CVE-2024-47089 Unauthorized Transaction Manipulation Vulnerability
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating the transaction token ID in the API request leading to unauthorized access and...
PT-2024-32403 · Unknown · Apex Softcell Ld Geo
Name of the Vulnerable Software and Affected Versions: Apex Softcell LD Geo affected versions not specified Description: This issue exists due to improper validation of the transaction token ID in the API endpoint. An authenticated remote attacker could exploit this by manipulating the transactio...
CVE-2023-21274
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-15 02:25:46+00:00 | seen | https://t.me/cibsecurity/68523... |
Unrestricted Access to setRoyalty Function
Lines of code
Vulnerability details
Impact
Severity: High
Likelihood: High
Description
The setRoyalty function in the ERC2981CollectionRoyalties contract can be called by anyone. This function is used to set the royalty information for a specific token ID. However, because there are no access...