[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":51,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":58,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":64,"vulnerability-29394":71},[4,15,21,30,37,42],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[27],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":31,"slug":32,"text":33,"link":34,"external":9,"targets":35,"cta":36,"variant":13,"campaign_id":29},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[27],"Read the research",{"title":38,"slug":39,"text":24,"link":25,"external":9,"targets":40,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[41],"/exploit-helpers/sniper",{"title":43,"slug":44,"text":45,"link":46,"external":9,"targets":47,"cta":49,"variant":50,"campaign_id":44},"Office hours #6 - Pre-audit validation","office-hours-6","Free live Office Hours, June 17: walk into your next audit with no surprises","https://zoom.us/webinar/register/5117815316917/WN_A6m_8zzfSHiuRx9AR3SZkA",[48],"/","Save your spot","primary",["Island",52],{"key":53,"params":54,"result":56},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":55},"{}",{"head":57},{},["Island",59],{"key":60,"params":61,"result":62},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":55},{"head":63},{},["Island",65],{"key":66,"params":67,"result":69},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":68},"{\"text-color\":\"gray\"}",{"head":70},{},{"id":72,"detectable_with":73,"vuln_details":80,"vuln_id":96,"name":97,"published":98,"updated":81},29394,{"tool":74,"engine":77},{"id":75,"name":76},1,"Network Scanner",{"id":78,"name":79},2,"Nuclei",{"id":72,"codename":81,"description":81,"severity":82,"risk_description":83,"public_description":84,"public_recommendation":85,"recommendation":81,"references":86,"cvssv3":89,"epss_score":90,"epss_percentile":91,"cve":92,"in_cisa_catalog":94,"date":95,"software_type":81,"vendor":81,"product":81,"ptt_exploit_capabilities":81},null,"critical","Unauthenticated attackers can create or truncate arbitrary files, potentially leading to data loss or system compromise.","In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.\u003Cbr>\u003Cbr>The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials.","Upgrade to Splunk Enterprise 10.2.4, 10.0.7 and Splunk Cloud Platform 10.4.2604.3, 10.2.2510.14 or later.",[87,88],"https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce/","https://github.com/watchtowrlabs/watchTowr-vs-Splunk-CVE-2026-20253/blob/main/watchTowr-vs-Splunk-CVE-2026-20253.py",9.8,0.01681,0.73868,[93],"CVE-2026-20253",false,"2026-06-10T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2026-20253","Splunk Enterprise & Cloud Platform - Unrestricted File Upload","2026-06-15T00:00:00Z"]