Vulnerabilities reported by skyknow :
漏洞列表
用戶所提交的漏洞列表。
-
某單位 gift issuing endpoint allows GET-triggered privileged point/ticket balance changes
- HZD Code:ZD-2026-00801
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 Bitmarkd ShareGrant/ShareSwap same-account pointer check bypass causes share balance inflation
- HZD Code:ZD-2026-00792
- Risk:高
- Status:審核中
- Date:2026/06/02
-
某單位 TW FidO result endpoint can return proof input without session binding
- HZD Code:ZD-2026-00784
- Risk:中
- Status:審核中
- Date:2026/06/02
-
某單位 Discord OAuth callback redirects bearer token and profile data to state-controlled host
- HZD Code:ZD-2026-00783
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 Synology CSI accepts untrusted TLS certificates and sends DSM credentials to the endpoint
- HZD Code:ZD-2026-00782
- Risk:中
- Status:審核中
- Date:2026/06/10
-
某單位 TW FidO ticket API accepts no-Origin unauthenticated requests and arbitrary HTTPS returnUrl
- HZD Code:ZD-2026-00777
- Risk:中
- Status:審核中
- Date:2026/06/01
-
某單位 bitmarkd same-block duplicate-link transfers can create multiple current owners
- HZD Code:ZD-2026-00776
- Risk:高
- Status:審核中
- Date:2026/06/01
-
某單位 bitmarkd Bitmark.FullProvenance panics on valid empty AssetData metadata
- HZD Code:ZD-2026-00775
- Risk:高
- Status:審核中
- Date:2026/06/01
-
某單位 bitmarkd StoreIncoming accepts expired ShareGrant and ShareSwap records in incoming blocks
- HZD Code:ZD-2026-00774
- Risk:高
- Status:審核中
- Date:2026/06/01
-
某單位 bitmarkd Node.BlockDecode transactionCount mismatch panics the RPC decode path
- HZD Code:ZD-2026-00773
- Risk:高
- Status:審核中
- Date:2026/06/01