CyberRota
← Ana sayfaya dön

CVE-2026-48028

MEDIUM · CVSS 6.5 EPSS %0.12 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-24T20:16:32.787 · Çekilme zamanı: 2026-06-30T18:32:41.838000+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-48028
Severity
MEDIUM
CVSS
6.5
EPSS
%0.12

Orijinal NVD Açıklaması

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, Mastodon's normalization of incoming activities signed with Linked-Data Signatures does not sufficiently protect the activities from a certain class of spoofing, allowing threat actors to remove JSON entries from valid signed activities from a third-party actor. This vulnerability is fixed in 4.5.10, 4.4.17, and 4.3.23.