Skip to main content
CVE-2022-33107 CRITICAL POC THREAT Act Now

ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE PHP Thinkphp
NVD GitHub
CVSS 3.1
9.8
EPSS
22.3%
CVE-2022-32532 CRITICAL PATCH Act Now

Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apache Shiro
NVD
CVSS 3.1
9.8
EPSS
25.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy