Threat Feed

Tag

Identity Spoofing

3 briefs
high advisory

Symfony X509Authenticator Identity Spoofing Vulnerability (CVE-2026-45063)

Symfony's X509Authenticator is vulnerable to identity spoofing due to an unanchored regex in the extraction of the user identifier from the Subject DN of client certificates, allowing attackers to authenticate as other users by crafting a certificate with a malicious CN value.

symfony/security-http < 5.4.52 +7 symfony authentication bypass identity spoofing CVE-2026-45063
critical advisory

MCPHub User Impersonation Vulnerability via Unauthenticated SSE Endpoint

MCPHub is vulnerable to user identity spoofing on the MCP transport layer. An unauthenticated network user can impersonate any user, including administrators, on SSE/MCP endpoints by providing the target username in the URL path. This allows execution of MCP tool calls under the spoofed user's identity, access to user-scoped resources and data, and poisoning of audit logs.

@samanhappy/mcphub identity-spoofing sse mcp unauthenticated-access
medium advisory

IBM WebSphere Liberty Identity Spoofing Vulnerability (CVE-2026-3621)

IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.4 are susceptible to identity spoofing when applications are deployed without proper authentication and authorization configurations, potentially leading to unauthorized access and privilege escalation.

WebSphere Application Server - Liberty cve-2026-3621 websphere identity spoofing cwe-269