Denial of Service in UBB.threads_CVE-2026-54224

7.1 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Description

UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users.
Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.

Basic Information

ID CVE-2026-54224

Source CERT-PL

Published Jun 18, 2026 at 12:56

Modified Jun 18, 2026 at 13:09

Affected Product

Vendor UBB Systems

Product UBB.threads

Affected Versions UBB Systems UBB.threads 0

CWE Classification

CWE-405

References

{
    "lastseen": "",
    "description": "UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users.\nBecause vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.",
    "published": "2026-06-18T12:56:24.110Z",
    "modified": "2026-06-18T13:09:59.369Z",
    "type": "cve",
    "title": "Denial of Service in UBB.threads",
    "source": "CERT-PL",
    "references": "https://www.ubbcentral.com/\nhttps://cert.pl/en/posts/2026/06/CVE-2026-54219",
    "id": "CVE-2026-54224",
    "bulletinFamily": "",
    "cwe": [
        "CWE-405"
    ],
    "cvelist": null,
    "sourceData": "UBB Systems UBB.threads 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "UBB.threads",
    "version": "0",
    "vendor": "UBB Systems",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}