A New Denial-of-Service Vector in React Server Components

React Server Components RSC have introduced a hybrid execution model that expands application capabilities while increasing the potential attack surface. Following earlier disclosures and fixes related to React DoS vulnerabilities, an additional analysis of RSC internals was conducted to assess...

PT-2026-7973

CVE-2026-25251 - "SourceForge Information Disclosure Vulnerability" CVE ID : CVE-2026-25251 Published : Feb. 10, 2026, 11:16 p.m. | 4 hours, 3 minutes ago Description : Rejected reason: This has been moved to the REJECTED state because the information source is under review. If circumstances...

CVE-2026-25251

This has been moved to the REJECTED state because the information source is under review. If circumstances change, it is possible that this will be moved to the PUBLISHED state at a later date...

CVE-2025-45769

php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not...

awwda.go.ke Improper Access Control vulnerability OBB-3845192

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

futuremusic-es.com Improper Access Control vulnerability OBB-3769628

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...