CVE Catalog

CVE-2026-54224

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

19th percentile — higher than 19% of all known CVEs

Summary

UBB.threads is vulnerable to Denial of Service (DoS). An authenticated attacker can send multiple concurrent requests to view any user profile, leading to exhaustion of database resources and complete denial of access to the application for other users.

Risk Assessment

This vulnerability can lead to significant disruptions in application availability, affecting user experience and potentially resulting in data loss or damage to the organization's reputation.

Recommendation

It is recommended to monitor and limit the number of concurrent requests to user profiles and to update to the latest version of the software once a patch is available.

Original NVD description (English source)

UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS