5 matches found

RedhatCVE
added 2026/01/09 8:38 a.m., 1 views

CVE-2026-21868

Flag Forge is a Capture The Flag (CTF) platform. Versions 2.3.2 and below have a Regular Expression Denial of Service (ReDoS) vulnerability in the user profile API endpoint /api/user/username. The application constructs a regular expression dynamically using unescaped user input (the username paramete...

CVSS 7.5 | AI score 6.8 | EPSS 0.00143
Exploits 0 | References 1
Cvelist
added 2026/01/08 12:26 a.m., 25 views

CVE-2026-21868 Flag Forge has ReDoS Vulnerability in User Profile Lookup API

Flag Forge is a Capture The Flag (CTF) platform. Versions 2.3.2 and below have a Regular Expression Denial of Service (ReDoS) vulnerability in the user profile API endpoint /api/user/username. The application constructs a regular expression dynamically using unescaped user input (the username paramete...

CVSS 7.5 | EPSS 0.00143
Exploits 0 | References 1
CNNVD
added 2026/01/08 12:0 a.m., 3 views

Flag Forge Security Vulnerability

Flag Forge is an easy-to-use CTF platform open-sourced by FlagForge. A security vulnerability exists in Flag Forge 2.3.2 and earlier versions that stems from a regular expression denial of service issue in the user profile API endpoint...

CVSS 7.5 | AI score 6.5 | EPSS 0.00143
Exploits 0 | References 1
Positive Technologies
added 2025/09/19 12:0 a.m., 2 views

PT-2025-38623

Name of the Vulnerable Software and Affected Versions: Tandoor Recipes versions 2.0.0-alpha-1. Description: Tandoor Recipes 2.0.0-alpha-1 is susceptible to privilege escalation. This issue stems from a rework of the API, specifically within the User Profile API Endpoint. The endpoint contains two...

CVSS 6.5 | AI score 6.7 | EPSS 0.00063
Exploits 1 | References 5
CVE
added 2025/05/01 8:31 p.m., 55 views

CVE-2025-4175

CVE-2025-4175 affects AlanBinu007 Spring-Boot-Advanced-Projects up to 3.1.3. The vulnerability is in the function uploadUserProfileImage of the file UserProfileController.java within the Upload Profile API Endpoint. Manipulation of the File argument leads to a path traversal, enabling a remote at...

CVSS 6.5 | AI score 6.4 | EPSS 0.00281
Exploits 0 | References 4