Recently Updated Pages
Component block propPath can enable prototype pollution
Keystone Zero Day Research
Updated 2 months ago by Aryma
Summary Component block propPath allows arbitrary string keys. The renderer applies propPath with...
Document field validation can be abused for resource exhaustion
Keystone Zero Day Research
Updated 2 months ago by Aryma
Summary Document input validation and normalization traverse the full document without explicit d...
WhatsApp Resend Verification Authorization Bypass
Onetimeup Zero Day Research
Updated 3 months ago by Aryma
GHSA : https://github.com/OneUptime/oneuptime/security/advisories/GHSA-cw6x-mw64-q6pv CVE : CVE-2...
DoS via Image Preview Generation
Vikunja Zero Day Research
Updated 3 months ago by Aryma
Summary Vulnerability: Unbounded image decoding and resizing during preview generation lets an a...
Security Report: Server-Side Request Forgery (SSRF) in Notification Testers
Wallos Zero Day Research
Updated 3 months ago by Aryma
Wallos version : 4.6.1 GHSA : https://github.com/ellite/Wallos/security/advisories/GHSA-mr2c-prqv...
Private File IDOR via raw/direct endpoints
Flare Zero day Research
Updated 3 months ago by Aryma
GHSA : https://github.com/FlintSH/Flare/security/advisories/GHSA-gwqr-xf5c-5569 CVE : CVE-2026-30...
Password‑Protected Thumbnail Bypass
Flare Zero day Research
Updated 3 months ago by Aryma
GHSA : https://github.com/FlintSH/Flare/security/advisories/GHSA-3x7v-x3r6-mjh7 CVE : CVE-2026-30...