UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users.
Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.
CVSS
No CVSS.
References
Configurations
No configuration.
History
18 Jun 2026, 18:05
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-18 14:17
Updated : 2026-06-18 18:05
NVD link : CVE-2026-54224
Mitre link : CVE-2026-54224
CVE.ORG link : CVE-2026-54224
JSON object : View
Products Affected
No product.
CWE
CWE-405
Asymmetric Resource Consumption (Amplification)
