Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-58593

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-01 Jul, 2026 | 19:27
Updated At-02 Jul, 2026 | 15:08
Rejected At-
Credits

NodeBB - ActivityPub Author Spoofing via Unvalidated attributedTo Mapped to Local User

NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedTo is used directly as a uid, and actors.assert silently ignores numeric identifiers (filtering them out without re-deriving the uid), so a federated remote actor can set attributedTo to a bare numeric value such as 1 and have the resulting post or private message created with that local uid as author, including the administrator account. This lets a remote attacker forge posts and direct messages attributed to arbitrary local users. Requires the ActivityPub/federation feature to be enabled.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:01 Jul, 2026 | 19:27
Updated At:02 Jul, 2026 | 15:08
Rejected At:
â–¼CVE Numbering Authority (CNA)
NodeBB - ActivityPub Author Spoofing via Unvalidated attributedTo Mapped to Local User

NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedTo is used directly as a uid, and actors.assert silently ignores numeric identifiers (filtering them out without re-deriving the uid), so a federated remote actor can set attributedTo to a bare numeric value such as 1 and have the resulting post or private message created with that local uid as author, including the administrator account. This lets a remote attacker forge posts and direct messages attributed to arbitrary local users. Requires the ActivityPub/federation feature to be enabled.

Affected Products
Vendor
NodeBB
Product
NodeBB
Default Status
affected
Versions
Affected
  • 4.13.2
Problem Types
TypeCWE IDDescription
CWECWE-345Insufficient Verification of Data Authenticity
CWECWE-290Authentication Bypass by Spoofing
Type: CWE
CWE ID: CWE-345
Description: Insufficient Verification of Data Authenticity
Type: CWE
CWE ID: CWE-290
Description: Authentication Bypass by Spoofing
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/bikini/exploitarium/tree/main/nodebb-activitypub-attributedto-local-uid-spoof-poc
exploit
https://github.com/NodeBB/NodeBB/blob/v4.13.2/src/activitypub/mocks.js
product
https://www.vulncheck.com/advisories/nodebb-activitypub-author-spoofing-via-unvalidated-attributedto-mapped-to-local-user
third-party-advisory
Hyperlink: https://github.com/bikini/exploitarium/tree/main/nodebb-activitypub-attributedto-local-uid-spoof-poc
Resource:
exploit
Hyperlink: https://github.com/NodeBB/NodeBB/blob/v4.13.2/src/activitypub/mocks.js
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/nodebb-activitypub-author-spoofing-via-unvalidated-attributedto-mapped-to-local-user
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:01 Jul, 2026 | 20:17
Updated At:02 Jul, 2026 | 19:42

NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedTo is used directly as a uid, and actors.assert silently ignores numeric identifiers (filtering them out without re-deriving the uid), so a federated remote actor can set attributedTo to a bare numeric value such as 1 and have the resulting post or private message created with that local uid as author, including the administrator account. This lets a remote attacker forge posts and direct messages attributed to arbitrary local users. Requires the ActivityPub/federation feature to be enabled.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
N/A
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

nodebb
nodebb
>>nodebb>>Versions up to 4.13.2(inclusive)
cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-290Secondarydisclosure@vulncheck.com
CWE-345Secondarydisclosure@vulncheck.com
CWE ID: CWE-290
Type: Secondary
Source: disclosure@vulncheck.com
CWE ID: CWE-345
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/NodeBB/NodeBB/blob/v4.13.2/src/activitypub/mocks.jsdisclosure@vulncheck.com
Exploit
Third Party Advisory
https://github.com/bikini/exploitarium/tree/main/nodebb-activitypub-attributedto-local-uid-spoof-pocdisclosure@vulncheck.com
Exploit
Third Party Advisory
https://www.vulncheck.com/advisories/nodebb-activitypub-author-spoofing-via-unvalidated-attributedto-mapped-to-local-userdisclosure@vulncheck.com
Exploit
Third Party Advisory
Hyperlink: https://github.com/NodeBB/NodeBB/blob/v4.13.2/src/activitypub/mocks.js
Source: disclosure@vulncheck.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://github.com/bikini/exploitarium/tree/main/nodebb-activitypub-attributedto-local-uid-spoof-poc
Source: disclosure@vulncheck.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.vulncheck.com/advisories/nodebb-activitypub-author-spoofing-via-unvalidated-attributedto-mapped-to-local-user
Source: disclosure@vulncheck.com
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

82Records found

CVE-2022-3347
Matching Score-4
Assigner-Go Project
ShareView Details
Matching Score-4
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.24% / 15.29%
||
7 Day CHG~0.00%
Published-27 Dec, 2022 | 21:17
Updated-14 Apr, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect validation of root DNSSEC public keys in github.com/peterzen/goresolver

DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. Root DNSSEC public keys are not validated, permitting an attacker to present a self-signed root key and delegation chain.

Action-Not Available
Vendor-go-resolver_projectgithub.com/peterzen/goresolver
Product-go-resolvergithub.com/peterzen/goresolver
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2019-6475
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.9||MEDIUM
EPSS-1.26% / 66.07%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 19:17
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A flaw in mirror zone validity checking can allow zone data to be spoofed

Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to DNSSEC validation before being used in answers, as if it had been looked up via traditional recursion, and when mirror zone data cannot be validated, BIND falls back to using traditional recursion instead of the mirror zone. However, an error in the validity checks for the incoming zone data can allow an on-path attacker to replace zone data that was validated with a configured trust anchor with forged data of the attacker's choosing. The mirror zone feature is most often used to serve a local copy of the root zone. If an attacker was able to insert themselves into the network path between a recursive server using a mirror zone and a root name server, this vulnerability could then be used to cause the recursive server to accept a copy of falsified root zone data. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2019-3979
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-0.92% / 55.81%
||
7 Day CHG~0.00%
Published-28 Oct, 2019 | 21:33
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's DNS cache via malicious responses with additional and untrue records.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosMikroTik RouterOS
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-33687
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.19% / 9.26%
||
7 Day CHG~0.00%
Published-24 Jun, 2024 | 15:03
Updated-13 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration.

Action-Not Available
Vendor-omronOMRON Corporation
Product-nx1p2-1040dt1_firmwarenx1p2-9024dt1_firmwarenx102-1100_firmwarenj501-4300_firmwarenj101-1020nx701-1600_firmwarenx102-1020_firmwarenj501-4300nj501-5300-1nj-pd3001nx1w-mab221nj501-1320_firmwarenx1p2-1040dt_firmwarenj501-5300_firmwarenj501-1340nx701-z700_firmwarenj501-4310_firmwarenx1w-mab221_firmwarenx701-1600nj501-r420nj101-9000nx102-9000_firmwarenj101-1000nx102-1120nj501-4500nx1p2-9024dtnx102-1020nj-pa3001nj501-4400_firmwarenj501-1300_firmwarenx1p2-1040dt1nj501-4400nj101-1020_firmwarenx701-z700nx701-1700_firmwarenj501-1320nx1p2-9024dt_firmwarenj501-5300-1_firmwarenj501-4310nj101-9000_firmwarenx1p2-1040dtnj501-1400nx102-1100nj101-9020nx1w-adb21nj501-r520nj501-r400_firmwarenj-pa3001_firmwarenj501-r400nj501-1340_firmwarenj101-1000_firmwarenx1p2-1140dt1nj501-r320nj-pd3001_firmwarenj501-4500_firmwarenx1p2-9024dt1nx701-1720_firmwarenx102-1220_firmwarenx102-1200nj501-r320_firmwarenx1w-cif01nx102-1000_firmwarenx102-9020_firmwarenj501-5300nj501-1500nx1w-dab21v_firmwarenx1w-adb21_firmwarenx701-1700nj501-140nx102-1220nj301-1100_firmwarenx701-1720nj501-r300_firmwarenx102-1000nj501-1520_firmwarenx1w-cif11_firmwarenj301-1200nx1w-cif01_firmwarenj501-r520_firmwarenj101-9020_firmwarenj501-r300nj301-1100nj501-4320nx102-9020nx102-1120_firmwarenj501-r500_firmwarenx1w-cif12nx1p2-1140dt_firmwarenx1p2-1140dt1_firmwarenx1w-cif11nx1w-cif12_firmwarenj501-1300nj501-r500nx701-1620nx701-z600_firmwarenj501-1520nx701-z600nx102-9000nj501-4320_firmwarenx701-1620_firmwarenj501-1500_firmwarenx1w-dab21vnj301-1200_firmwarenx102-1200_firmwarenj501-r420_firmwarenj501-1400_firmwarenj501-1420nx1p2-1140dtnj501-140_firmwarenj501-1420_firmwareNX Series CPU UnitNJ Series CPU Unit
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2019-1234
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-57.94% / 98.97%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 18:52
Updated-04 Aug, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A spoofing vulnerability exists when Azure Stack fails to validate certain requests, aka 'Azure Stack Spoofing Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_stackAzure Stack
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2019-11189
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.05% / 60.18%
||
7 Day CHG~0.00%
Published-20 Feb, 2020 | 21:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. To exploit the vulnerability, an attacker sends a gratuitous ARP reply that causes the host mobility application to remove existing access control flow denial rules in the network. The access control application does not re-install flow deny rules, so the attacker can bypass the intended access control policy.

Action-Not Available
Vendor-opennetworkingn/a
Product-onosn/a
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2019-10943
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.95% / 56.95%
||
7 Day CHG~0.00%
Published-13 Aug, 2019 | 18:55
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-1500 Software Controller (All versions >= V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC S7-PLCSIM Advanced (All versions >= V3.0). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device.

Action-Not Available
Vendor-Siemens AG
Product-simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmwaresimatic_s7-1200_cpu_1212c_firmwaresimatic_s7-1200_cpu_1214csimatic_s7-1200_cpu_1217c_firmwaresimatic_s7-1500_software_controllersimatic_s7-1500_cpu_1511csimatic_s7_plcsim_advancedsimatic_s7-1200_cpu_1215csimatic_s7-1200_cpu_1211csimatic_s7-1200_cpu_1212csimatic_s7-1500_cpu_1518simatic_et_200sp_open_controller_cpu_1515sp_pc_firmwaresimatic_s7-1500_cpu_1512csimatic_s7-1500_cpu_1511c_firmwaresimatic_s7-1500_cpu_1518_firmwaresimatic_s7-1200_cpu_1217csimatic_s7-1200_cpu_1214c_firmwaresimatic_s7-1500_cpu_1512c_firmwaresimatic_s7-1200_cpu_1215c_firmwaresimatic_et_200sp_open_controller_cpu_1515sp_pcsimatic_s7-1200_cpu_1211c_firmwaresimatic_et_200sp_open_controller_cpu_1515sp_pc2SIMATIC S7-1500 Software ControllerSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIMATIC Drive Controller familySIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SIMATIC S7-PLCSIM Advanced
CWE ID-CWE-353
Missing Support for Integrity Check
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-35622
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-1.56% / 72.25%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 18:10
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows DNS Spoofing Vulnerability

Windows DNS Spoofing Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_server_2022_23h2windows_server_2016windows_server_2022windows_server_2019windows_server_2012Windows Server 2012 R2Windows Server 2019Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2023-35906
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.31% / 23.20%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 00:52
Updated-27 Sep, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Aspera Faspex security bypass

IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper access controls. IBM X-Force ID: 259649.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-aspera_faspexlinux_kernelAspera Faspexaspera_faspex
CWE ID-CWE-291
Reliance on IP Address for Authentication
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-28457
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 11.45%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 00:00
Updated-22 Apr, 2025 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache poisoning attack and inject fake responses within 1 second, which is impactful.

Action-Not Available
Vendor-technitiumn/atechnitium
Product-dnsservern/adns_server
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-25743
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.65% / 46.60%
||
7 Day CHG~0.00%
Published-02 Jun, 2023 | 00:00
Updated-09 Jan, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefox_focusFirefox ESRFirefox
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2017-20180
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.6||MEDIUM
EPSS-0.31% / 22.39%
||
7 Day CHG~0.00%
Published-06 Mar, 2023 | 10:31
Updated-05 Aug, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zerocoin libzerocoin Proof CoinSpend.cpp CoinSpend data authenticity

A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the function CoinSpend::CoinSpend of the file CoinSpend.cpp of the component Proof Handler. The manipulation leads to insufficient verification of data authenticity. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as ce103a09ec079d0a0ed95475992348bed6e860de. It is recommended to apply a patch to fix this issue. VDB-222318 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-zerocoinZerocoin
Product-libzerocoinlibzerocoin
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2022-44713
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-1.49% / 70.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Jul, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Outlook for Mac Spoofing Vulnerability

Microsoft Outlook for Mac Spoofing Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-office_long_term_servicing_channelofficeMicrosoft Office 2019 for MacMicrosoft Office LTSC for Mac 2021
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2022-4303
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.70% / 48.76%
||
7 Day CHG~0.00%
Published-23 Jan, 2023 | 14:31
Updated-02 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Limit Login Attempts <= 2.6.4 - IP Spoofing

The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based restrictions on login forms.

Action-Not Available
Vendor-ciphercoinUnknown
Product-wp_limit_login_attemptsWP Limit Login Attempts
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2022-23556
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7||HIGH
EPSS-0.37% / 29.26%
||
7 Day CHG~0.00%
Published-22 Dec, 2022 | 18:50
Updated-15 Apr, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CodeIgniter is vulnerable to IP address spoofing when using proxy

CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.

Action-Not Available
Vendor-codeignitercodeigniter4
Product-codeigniterCodeIgniter4
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2025-69401
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-7.5||HIGH
EPSS-0.33% / 24.76%
||
7 Day CHG~0.00%
Published-20 Feb, 2026 | 15:46
Updated-28 Apr, 2026 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WooODT Lite plugin <= 2.5.2 - Payment Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Identity Spoofing.This issue affects WooODT Lite: from n/a through <= 2.5.2.

Action-Not Available
Vendor-mdalabar
Product-WooODT Lite
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2022-1762
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-1.19% / 64.20%
||
7 Day CHG+0.03%
Published-13 Jun, 2022 | 12:42
Updated-03 Aug, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iQ Block Country < 1.2.20 - Protection Bypass due to IP Spoofing

The iQ Block Country WordPress plugin before 1.2.20 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.

Action-Not Available
Vendor-webenceUnknown
Product-iq_block_countryiQ Block Country
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2021-43220
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-3.1||LOW
EPSS-1.12% / 62.31%
||
7 Day CHG~0.00%
Published-24 Nov, 2021 | 01:05
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Edge for iOS Spoofing Vulnerability

Microsoft Edge for iOS Spoofing Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-edge_iosMicrosoft Edge for iOS
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2025-6188
Matching Score-4
Assigner-Arista Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Arista Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 31.30%
||
7 Day CHG~0.00%
Published-25 Aug, 2025 | 20:14
Updated-27 Aug, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do n

On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-EOS
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2022-34763
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-5.9||MEDIUM
EPSS-0.25% / 16.36%
||
7 Day CHG~0.00%
Published-13 Jul, 2022 | 21:11
Updated-16 Sep, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

Action-Not Available
Vendor-
Product-opc_ua_module_for_m580opc_ua_module_for_m580_firmwarex80_advanced_rtu_module_firmwarex80_advanced_rtu_moduleOPC UA Modicon Communication ModuleX80 advanced RTU Communication Module
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2026-21862
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.7||HIGH
EPSS-0.21% / 11.43%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 16:06
Updated-23 Feb, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RustFS sourceIp bypass via spoofed X-Forwarded-For/Real-IP headers

RustFS is a distributed object storage system built in Rust. Prior to version alpha.78, IP-based access control can be bypassed: get_condition_values trusts client-supplied X-Forwarded-For/X-Real-Ip without verifying a trusted proxy, so any reachable client can spoof aws:SourceIp and satisfy IP-allowlist policies. This issue has been patched in version alpha.78.

Action-Not Available
Vendor-rustfsrustfs
Product-rustfsrustfs
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2025-59802
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 18.74%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 00:00
Updated-18 Dec, 2025 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamically change the visibility of OCG content after signing (Post-Sign), allowing the visual content of a signed PDF to be modified without invalidating the signature. This may result in a mismatch between the signed content and what the signer or verifier sees, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.

Action-Not Available
Vendor-n/aFoxit Software IncorporatedApple Inc.Microsoft Corporation
Product-windowspdf_editorpdf_readermacosn/a
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2025-53548
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 4.78%
||
7 Day CHG~0.00%
Published-09 Jul, 2025 | 17:12
Updated-10 Jul, 2025 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
@clerk/backend Performs Insufficient Verification of Data Authenticity

Clerk helps developers build user management. Applications that use the verifyWebhook() helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0.

Action-Not Available
Vendor-clerk
Product-javascript
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-30250
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.31% / 22.75%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 14:57
Updated-19 Sep, 2025 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists

Astro-Shield is an integration to enhance website security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques. Versions from 1.2.0 to 1.3.1 of Astro-Shield allow bypass to the allow-lists for cross-origin resources by introducing valid `integrity` attributes to the injected code. This implies that the injected SRI hash would be added to the generated CSP header, which would lead the browser to believe that the injected resource is legit. This vulnerability is patched in version 1.3.2.

Action-Not Available
Vendor-kindspellskindspellskindspells
Product-astro-shieldastro-shieldastro-shield
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2024-21746
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.48% / 37.92%
||
7 Day CHG~0.00%
Published-17 May, 2024 | 08:46
Updated-29 Apr, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Wp Ultimate Review plugin <= 2.3.6 - IP limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through <= 2.3.6.

Action-Not Available
Vendor-wpmetRoxnor
Product-wp_ultimate_reviewWp Ultimate Review
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2024-10462
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.55% / 41.68%
||
7 Day CHG~0.00%
Published-29 Oct, 2024 | 12:19
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbirdfirefoxfirefox_esrthunderbird
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2024-10465
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.55% / 41.69%
||
7 Day CHG~0.00%
Published-29 Oct, 2024 | 12:19
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbirdfirefoxfirefox_esrthunderbird
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2023-5239
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.65% / 46.74%
||
7 Day CHG~0.00%
Published-27 Nov, 2023 | 16:22
Updated-02 Aug, 2024 | 07:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Security & Malware scan by CleanTalk < 2.121 - IP Spoofing

The Security & Malware scan by CleanTalk WordPress plugin before 2.121 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass bruteforce protection.

Action-Not Available
Vendor-cleantalkUnknown
Product-security_\&_malware_scanSecurity & Malware scan by CleanTalk
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2023-51543
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.38% / 29.56%
||
7 Day CHG~0.00%
Published-04 Jun, 2024 | 12:25
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.2.5.0.

Action-Not Available
Vendor-Metagauss Inc.
Product-registrationmagicRegistrationMagic
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2023-49087
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.19% / 9.14%
||
7 Day CHG~0.00%
Published-30 Nov, 2023 | 05:20
Updated-02 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Validation of SignedInfo

xml-security is a library that implements XML signatures and encryption. Validation of an XML signature requires verification that the hash value of the related XML-document matches a specific DigestValue-value, but also that the cryptographic signature on the SignedInfo-tree (the one that contains the DigestValue) verifies and matches a trusted public key. If an attacker somehow (i.e. by exploiting a bug in PHP's canonicalization function) manages to manipulate the canonicalized version's DigestValue, it would be possible to forge the signature. This issue has been patched in version 1.6.12 and 5.0.0-alpha.13.

Action-Not Available
Vendor-simplesamlphpsimplesamlphp
Product-xml-securitysaml2xml-security
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-48238
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.31% / 22.41%
||
7 Day CHG~0.00%
Published-17 Nov, 2023 | 21:35
Updated-09 Jun, 2026 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JWT Algorithm Confusion in json-web-token library

joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Versions prior to 4.0.0 are vulnerable to a JWT algorithm confusion attack. On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT token is taken from the JWT token, which at that point is still unverified and thus shouldn't be trusted. To exploit this vulnerability, an attacker needs to craft a malicious JWT token containing the HS256 algorithm, signed with the public RSA key of the victim application. This attack will only work against this library is the RS256 algorithm is in use, however it is a best practice to use that algorithm. Version 4.0.0 fixes the issue.

Action-Not Available
Vendor-joaquimserafimjoaquimserafim
Product-json_web_tokenjson-web-token
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-38552
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-1.11% / 61.84%
||
7 Day CHG~0.00%
Published-18 Oct, 2023 | 03:55
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check. Impacts: This vulnerability affects all users using the experimental policy mechanism in all active release lines: 18.x and, 20.x. Please note that at the time this CVE was issued, the policy mechanism is an experimental feature of Node.js.

Action-Not Available
Vendor-Fedora ProjectNode.js (OpenJS Foundation)
Product-fedoranode.jsNode
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
  • Previous
  • 1
  • 2
  • Next
Details not found