BIT-discourse-2026-44787: Discourse: Signup-time primary_group_id assignment grants whisperer access
A vulnerability in Discourse prior to versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5 allows newly registered users during signup to set the primary_group_id. This improper assignment grants them…
Read the full article1d agoen
You might also wanna read

TP-Link-Kasa-Kameras gaben den Standort des Zuhauses ohne Anmeldung preis
drweb.de·1h ago
WordPress, OpenSSL, Fortinet zero-days: patches shipped and KEV escalations
defend.network·2h ago

Sicherheitslücke: Warum Sie WordPress sofort auf 7.0.2 aktualisieren sollten
drweb.de·2h ago
Ransomware group incransom claims compromise of Taiwan semiconductor firm v-silicon.com (May 2024)
hendryadrian.com·4h ago
Critical wp2shell RCE Vulnerability Threatens WordPress Sites
Cyber Web Spider Blog·4h ago
What Marcos’ new data rules mean for gov’t information, cloud storage
RAPPLER·5h ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.