Skip to main content
CVE-2021-3138 HIGH POC This Week

In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Discourse
NVD GitHub
CVSS 3.1
7.5
EPSS
3.1%
CVE-2021-21261 HIGH PATCH This Week

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Google RCE Flatpak Debian Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy