CVE-2026-48501

A flaw was found in GitHub CLI. The tool incorrectly includes authorization headers in API requests to TUF repository mirrors when using commands such as gh attestation, gh release verify, and gh release verify-asset. This issue occurs because the shared HTTP client's authentication layer lacks...

PT-2026-23607

Name of the Vulnerable Software and Affected Versions Ghost versions 5.101.6 through 6.19.2 Description Incomplete CSRF protections around the /session/verify API endpoint allowed the use of One-Time Codes OTCs in login sessions different from the requesting session. This could potentially allow...

EUVD-2020-25077

Malware in sbrugna...

The vulnerability of the mbedtls_lms_verify() function in Mbed TLS software allows a hacker to bypass existing security restrictions.

The vulnerability of the mbedtlslmsverify function in Mbed TLS is related to the absence of a necessary encryption step. Exploiting this vulnerability could allow attackers to circumvent existing security restrictions...

woodenpallet.net Cross Site Scripting vulnerability OBB-3089102

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2022-17636 · Inhand Networks · Inrouter302

Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter302 version 3.5.45 Description: A leftover debug code vulnerability exists in the console verify functionality. This vulnerability can be triggered by a specially-crafted series of network requests, leading to the...

All Vulnerabilities for lib.wzu.edu.tw Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

subscribe.ollysbox.com.au Cross Site Scripting vulnerability OBB-1276666

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

The vulnerability of the qmail-verify module in the netqmail email client allows a hacker to gain access to confidential data.

The vulnerability of the qmail-verify module in the netqmail email client is related to the lack of protection for service data. Exploiting this vulnerability can allow attackers to access confidential data...

PHP 'password_verify()' function out-of-bounds read denial of service vulnerability

PHP is a popular general-purpose scripting language that is particularly well suited for web development. A denial of service vulnerability exists in the PHP 'passwordverify' function. An attacker can exploit this vulnerability to cause a denial of service...