[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":36,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":43,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":49,"vulnerability-29432":56},[4,15,24,30],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":19,"external":9,"targets":20,"cta":22,"variant":13,"campaign_id":23},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper","PoC details now live: 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[21],"/exploit-helpers/sniper","See the details","phpbb-authentication-bypass",{"title":25,"slug":26,"text":18,"link":19,"external":9,"targets":27,"cta":29,"variant":13,"campaign_id":23},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve",[28],"/vulnerabilities-exploits","Read the research",{"title":31,"slug":32,"text":33,"link":19,"external":9,"targets":34,"cta":35,"variant":13,"campaign_id":23},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","The Network Scanner detects 2 new phpBB CVEs our research team found",[28],"See the PoC details",["Island",37],{"key":38,"params":39,"result":41},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":40},"{}",{"head":42},{},["Island",44],{"key":45,"params":46,"result":47},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":40},{"head":48},{},["Island",50],{"key":51,"params":52,"result":54},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":53},"{\"text-color\":\"gray\"}",{"head":55},{},{"id":57,"detectable_with":58,"vuln_details":65,"vuln_id":81,"name":82,"published":83,"updated":66},29432,{"tool":59,"engine":62},{"id":60,"name":61},1,"Network Scanner",{"id":63,"name":64},2,"Nuclei",{"id":57,"codename":66,"description":66,"severity":67,"risk_description":68,"public_description":69,"public_recommendation":70,"recommendation":66,"references":71,"cvssv3":74,"epss_score":75,"epss_percentile":76,"cve":77,"in_cisa_catalog":79,"date":80,"software_type":66,"vendor":66,"product":66,"ptt_exploit_capabilities":66},null,"critical","Remote attackers can exfiltrate or overwrite the entire database including sensitive user data without authentication.","Gorse \u003C 0.5.10 contains an authentication bypass caused by empty admin_api_key in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty admin_api_key configuration.","Update to version 0.5.10 or later.",[72,73],"https://github.com/gorse-io/gorse/issues/1292","https://nvd.nist.gov/vuln/detail/CVE-2026-56782",9.8,0.03016,0.85819,[78],"CVE-2026-56782",false,"2026-06-29T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2026-56782","Gorse \u003C 0.5.10 - Unauthenticated Database Dump","2026-07-02T00:00:00Z"]