Full Disclosure Mailing List

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

List Archives

Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
2026
31
5
–
–
–
–
–
–
–
–
–
–
2025
24
20
9
32
24
28
40
19
80
33
22
37
2024
75
25
44
29
37
13
24
41
60
21
20
22
2023
29
17
27
14
28
10
52
33
21
32
15
30
2022
91
57
63
54
48
57
27
17
30
52
26
32
2021
84
93
81
77
81
60
72
39
59
79
56
50
2020
52
36
57
63
60
35
37
24
55
34
45
60
2019
71
54
64
41
52
49
40
37
45
59
34
37
2018
102
84
79
61
73
46
95
53
57
54
69
56
2017
99
103
91
113
108
52
95
58
98
71
51
89
2016
100
128
97
93
75
79
89
139
85
103
162
88
2015
134
101
165
115
133
112
126
86
121
115
111
129
2014
194
273
434
325
213
173
167
89
115
135
103
138
2013
282
162
290
263
227
259
277
303
187
294
222
224
2012
611
477
390
382
323
428
394
393
210
277
236
280
2011
580
687
439
561
572
565
367
393
370
995
466
511
2010
637
502
564
452
408
631
417
445
414
523
342
696
2009
979
380
465
318
282
291
550
455
421
339
386
502
2008
615
496
600
821
681
403
591
557
639
531
739
634
2007
593
629
573
744
555
661
662
530
709
935
582
641
2006
992
740
1865
865
789
1058
770
771
578
678
545
493
2005
927
676
950
654
678
437
766
1078
890
677
1065
1531
2004
1358
1534
1499
1153
1451
1031
1370
1314
1091
1174
1424
731
2003
505
405
296
500
421
890
1251
1942
1763
1806
1123
782
2002
–
–
–
–
–
–
314
835
684
381
454
313

Latest Posts

SEC Consult SA-20260202-0 :: Multiple vulnerabilities in Native Instruments Native Access (MacOS) SEC Consult Vulnerability Lab via Fulldisclosure (Feb 04)
SEC Consult Vulnerability Lab Security Advisory < 20260202-0 >
=======================================================================
title: Multiple vulnerabilities
product: Native Instruments - Native Access (MacOS)
vulnerable version: verified up to 3.22.0
fixed version: n/a
CVE number: CVE-2026-24070, CVE-2026-24071
impact: high
homepage:...

CyberDanube Security Research 20260119-0 | Authenticated Command Injection in Phoenix Contact TC Router Series Thomas Weber | CyberDanube via Fulldisclosure (Feb 04)
CyberDanube Security Research 20260119-0
-------------------------------------------------------------------------------
title| Authenticated Command Injection
product| TC Router 5004T-5G EU
vulnerable version| 1.06.18
fixed version| 1.06.23
CVE number| CVE-2025-41717
impact| High
homepage| https://www.phoenixcontact.com/
found| 16.04.2025...

[KIS-2026-03] Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities Egidio Romano (Feb 04)
--------------------------------------------------------------------------
Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities
--------------------------------------------------------------------------

[-] Software Link:

https://www.blesta.com

[-] Affected Versions:

All versions from 3.0.0 to 5.13.1.

[-] Vulnerabilities Description:

The vulnerabilities exist because user input passed through the...

[KIS-2026-02] Blesta <= 5.13.1 (Admin Interface) Multiple PHP Object Injection Vulnerabilities Egidio Romano (Feb 04)
--------------------------------------------------------------------------------
Blesta <= 5.13.1 (Admin Interface) Multiple PHP Object Injection Vulnerabilities
--------------------------------------------------------------------------------

[-] Software Link:

https://www.blesta.com

[-] Affected Versions:

All versions from 3.0.0 to 5.13.1.

[-] Vulnerabilities Description:

The vulnerabilities exist because user input passed through the...

[KIS-2026-01] Blesta <= 5.13.1 (confirm_url) Reflected Cross-Site Scripting Vulnerability Egidio Romano (Feb 04)
---------------------------------------------------------------------------
Blesta <= 5.13.1 (confirm_url) Reflected Cross-Site Scripting Vulnerability
---------------------------------------------------------------------------

[-] Software Link:

https://www.blesta.com

[-] Affected Versions:

All versions from 3.2.0 to 5.13.1.

[-] Vulnerability Description:

User input passed through the "confirm_url" GET parameter to the...

Username Enumeration - elggv6.3.3 Andrey Stoykov (Jan 29)
# Exploit Title: Elgg - Username Enumeration
# Date: 1/2026
# Exploit Author: Andrey Stoykov
# Version: 6.3.3
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2026/01/friday-fun-pentest-series-47-lack-of.html

// HTTP Request - Resetting Password - Valid User

POST /action/user/requestnewpassword HTTP/1.1
Host: elgg.local
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:148.0)
Gecko/20100101 Firefox/148.0
Accept:...

Weak Password Complexity - elggv6.3.3 Andrey Stoykov (Jan 29)
# Exploit Title: Elgg - Lack of Password Complexity
# Date: 1/2026
# Exploit Author: Andrey Stoykov
# Version: 6.3.3
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2026/01/friday-fun-pentest-series-48-weak.html

// HTTP Request - Changing Password

POST /action/usersettings/save HTTP/1.1
Host: elgg.local
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:148.0)
Gecko/20100101 Firefox/148.0
Accept:...

Paper-Exploiting XAMPP Installations Andrey Stoykov (Jan 29)
Hi. I would like to publish my paper for exploiting XAMPP installations.

Thanks,
Andrey

CVE-2025-12758: Unicode Variation Selectors Bypass in 'validator' library (isLength) Karol Wrótniak (Jan 29)
Summary
=======
A vulnerability was discovered in the popular JavaScript library
'validator'.
The isLength() function incorrectly handles Unicode Variation Selectors
(U+FE0E and U+FE0F). An attacker can inject thousands of these zero-width
characters into a string, causing the library to report a much smaller
perceived length than the actual byte size. This leads to validation
bypasses,
potential database truncation, and Denial of...

Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) Yuffie Kisaragi via Fulldisclosure (Jan 26)
Dear Art,

Thank you for sharing your detailed evaluation and for pointing out the relevant
sections of the CNA Rules.

Your argument is well reasoned, particularly with respect to the current
guidance on SaaS and exclusively hosted services.

I have forwarded your evaluation to the CNA for further consideration. It will
also be important to understand the vendor’s perspective in light of the points
you raised, especially regarding the...

Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) Marco Ermini via Fulldisclosure (Jan 26)
Hello everyone,

Kindly let me introduce myself. This is the first – and potentially, last – message on this mailing list. I am Marco,
the CISO of EQS Group. Kindly allow me to address some of the statements expressed publicly here.

About the Convercent application

Convercent was acquired by OneTrust in 2021, and in turn, EQS has acquired it from OneTrust at the end of 2024. Before
being acquired by EQS, the Convercent application has not...

SEC Consult SA-20260126-2 :: UART Leaking Sensitive Data in dormakaba registration unit 9002 (PIN pad) SEC Consult Vulnerability Lab via Fulldisclosure (Jan 26)
SEC Consult Vulnerability Lab Security Advisory < 20260126-2 >
=======================================================================
title: UART Leaking Sensitive Data
product: dormakaba registration unit 9002 (PIN pad)
vulnerable version: <SW0039
fixed version: SW0039
CVE number: CVE-2025-59109
impact: medium
homepage:...

SEC Consult SA-20260126-1 :: Multiple Critical Vulnerabilities in dormakaba Access Manager SEC Consult Vulnerability Lab via Fulldisclosure (Jan 26)
SEC Consult Vulnerability Lab Security Advisory < 20260126-1 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: dormakaba Access Manager
vulnerable version: Multiple firmware and hardware revisions (details below)
fixed version: Multiple firmware and hardware revisions (details below)
CVE number: CVE-2025-59097,...

SEC Consult SA-20260126-0 :: Multiple Critical Vulnerabilities in dormakaba Kaba exos 9300 SEC Consult Vulnerability Lab via Fulldisclosure (Jan 26)
SEC Consult Vulnerability Lab Security Advisory < 20260126-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: dormakaba Kaba exos 9300
vulnerable version: < 4.4.1
fixed version: 4.4.1
CVE number: CVE-2025-59090, CVE-2025-59091, CVE-2025-59092
CVE-2025-59093, CVE-2025-59094, CVE-2025-59095...

Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) Wade Sparks (Jan 21)
Hello Yuffie,

Upon further investigation, the VulnCheck CNA determined that these
vulnerabilities were not suitable for CVE assignment. The
vulnerabilities exist within a SaaS product and are mitigated at the
CSP-level which in this case, would be the vendor, EQS Group. Rather than
contribute unactionable CVE records, the VulnCheck CNA used its
discretionary prowess to move forward with rejecting these records. This
policy aligns with a 2022...

More Lists

Dozens of other network security lists are archived at SecLists.Org.