CVE-2026-55377: CWE-287: Improper Authentication in logto-io logto
CVE-2026-55377 is an improper authentication vulnerability in logto-io's Logto product prior to version 1.41.0. The issue arises because the Account Center step-up check accepted any active…
Read the full article18h agoen
You might also wanna read

CVE-2026-11462: Improper Authorization Vulnerability in BeikeShop Stripe Plugin (Up to v1.6.0.22)
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file p

WAF - WAF Release - 2025-07-07
This week’s roundup uncovers critical vulnerabilities affecting enterprise VoIP systems, webmail platforms, and a popular JavaScript framewo
Cloudflare·1y ago
Cisco Unified CM Vulnerability (CVE-2026-20230, CVSS 8.6) Actively Exploited for Root Privilege Escalation
CVE-2026-20230 has a CVSS score of 8.6 and stems from improper input validation for specific HTTP requests. Successful exploitation can let

Comments
Sign in to join the conversation.
No comments yet. Be the first.