CVE-2026-48611
CVE-2026-48611
Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or enabled leading to unauthorized access in default installations.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
phpBB · phpBBpublic PoCs found — 2
githubgithub.com/citruscitruscitruscitruscitrusci/CVE-2026-48611-poc★ 1githubgithub.com/Diznev/CVE-2026-48611-EXPLOIT★ 0⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →