[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"public-cve-CVE-2026-48611":3,"news-by-cve-CVE-2026-48611-10":56},{"title":4,"nvd_cvss_vector":5,"nvd_cvss_severity":5,"reference_count":6,"nuclei_template_count":7,"description":4,"id":8,"date_published":9,"assigner_short_name":5,"cvss_version":10,"cvss_vector":11,"has_nuclei_templates":12,"state":13,"date_updated":9,"exploit_count":7,"tags":14,"attack_tactics":15,"has_attack_graph":17,"attack_technique_count":18,"affected_products_preview":19,"vendor_context":25,"sources":30,"references_preview":32,"has_solution":12,"affected_product_count":6,"source_identifier":35,"in_kev":12,"kev_ransomware_use":12,"sectors":36,"remediation_summary":37,"assigner_org":5,"cvss_score":38,"cvss_severity":39,"has_exploit":12,"has_workaround":12,"attack_techniques":40,"cvss_source":31,"weaknesses":52,"has_ai_summary":12},"Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or enabled leading to unauthorized access in default installations.","",1,0,"CVE-2026-48611","2026-06-12T02:27:43Z","3.0","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",false,"PUBLISHED",[],[16],"Initial Access",true,2,[20],{"sector":21,"subsector":22,"deployment":23,"vendor":24,"product":24},"web-cms-plugins","forum-wiki","mixed","phpBB",[26],{"vendor":27,"vendor_type":28,"aliases":29,"sector":21,"subsector":22},"phpbb","oss-project",[],[31],"cvelist",[33],{"url":34,"source":31},"https://www.phpbb.com/community/viewtopic.php?t=2672170","36234546-b8fa-4601-9d6f-f4e334aa8ea1",[21],{"has_patch":12,"has_workaround":12},9.8,"CRITICAL",[41,47],{"technique_id":42,"technique_name":43,"tactic":44,"tactic_name":16,"url":45,"confidence":46},"T1078","Valid Accounts","initial-access","https://attack.mitre.org/techniques/T1078/","high",{"url":48,"confidence":49,"technique_id":50,"technique_name":51,"tactic":44,"tactic_name":16},"https://attack.mitre.org/techniques/T1190/","medium","T1190","Exploit Public-Facing Application",[53],{"name":54,"cwe_id":55},"CWE-287 Improper Authentication - Generic","CWE-287",{"cve_id":8,"items":57,"total":7},[]]