Medium CVE-2026-53675 BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary user_id because the...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Medium] CVE-2026-53675 – BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in ...

VERWANDTEARTIKEL

Windows BitLocker 0-Day Vulnerability Allows Attackers to Bypass Security Feature

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

CVE-2026-26239 - File Station 5

[High] CVE-2026-26239 – A buffer overflow vulnerability has been reported to affect File Station 5. If a...

CVE-2026-26237 - QuMagie

CVE-2026-24719 - QTS, QuTS hero