SECURITYBLEEPING COMPUTER
phpBB forum fixes auth bypass bug lurking for a decade
A 10-year-old authentication bypass vulnerability in the phpBB forum software allows attackers to log in as any user, including administrators. The vulnerability was recently addressed by the developers.
Related Signal
Adjacent reporting
- Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
- Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
- cPanel’s authentication bypass bug is being exploited in the wild, CISA warns
- cPanel, WHM emergency update fixes critical auth bypass bug
- The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
- Progress warns of critical MOVEit Automation auth bypass flaw