|
3961
|
8.1 |
HIGH
Network
|
-
|
-
|
BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a us…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-53673
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3962
|
6.8 |
MEDIUM
Network
|
-
|
-
|
SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate…
|
CWE-287
Improper Authentication
|
CVE-2026-47838
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3963
|
7.5 |
HIGH
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in Me…
|
CWE-248
Uncaught Exception
|
CVE-2026-46545
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3964
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatch…
|
CWE-617
Reachable Assertion
|
CVE-2026-46543
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3965
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a denial-of-service vulnerability exists in the Ed25519 multisi…
|
CWE-617
Reachable Assertion
|
CVE-2026-46542
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3966
|
7.5 |
HIGH
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handle_dht_get(), the DhtResults accumulator is only initia…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-46541
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3967
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, when LightBlockchain::rebranch() adopts a fork chain whose tip …
|
CWE-841
Improper Enforcement of Behavioral Workflow
|
CVE-2026-46540
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3968
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a logic flaw in BlockInclusionProof::is_block_proven causes the…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-46539
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3969
|
8.6 |
HIGH
Network
|
-
|
-
|
SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CA…
|
CWE-22
Path Traversal
|
CVE-2026-46491
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3970
|
6.5 |
MEDIUM
Network
|
-
|
-
|
FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and trigge…
|
CWE-248
Uncaught Exception
|
CVE-2026-46411
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
