10 year old critical vulnerability in phpBB affecting tens of millions of users across thousands of forums
Aikido Security discovered a critical unauthenticated authentication bypass in phpBB affecting tens of millions of users. A single HTTP request is all it takes to take over any account — a…
Read the full articleYou might also wanna read

WAF - WAF Release - 2026-04-30 - Emergency
This emergency release introduces a new rule to block a cPanel & WHM Authentication Bypass related to CVE-2026-41940. Key Findings CVE-2026-
Critical Authentication Bypass Vulnerability Discovered in cPanel & WHM (CVE-2026-41940)
Hello! Yes, it's all a disaster again! Let's get this party started: 0:00 /0:12 1× No comments today, so imagine this: * We wrote something
watchTowr Labs·2mo ago
WAF - WAF Release - 2026-06-15
This week's release introduces new managed protection to address a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) and a

WAF - WAF Release - 2025-11-24
This week highlights enhancements to detection signatures improving coverage for vulnerabilities in FortiWeb, linked to CVE-2025-64446, alon
Critical Authentication Bypass Vulnerabilities Found in Casdoor IAM Platform (CERT/CC VU#780781)
Casdoor contains multiple authentication bypass and access management vulnerabilities
CVE-2026-58123: Missing Authentication for Critical Function in nesquena hermes-webui
Hermes WebUI versions prior to 0.51.788 contain a critical unauthenticated remote code execution vulnerability. This flaw allows remote atta

Comments
Sign in to join the conversation.
No comments yet. Be the first.