PatchSiren

MacWarrior CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM MacWarrior CVE published 2026-06-12

CVE-2026-49482

CVE-2026-49482 is a vulnerability in ClipBucket v5, an open-source video sharing platform. The vulnerability allows an authenticated user to overwrite all video subtitle titles by sending a % character as the number parameter in a single HTTP request to the subtitle editing endpoint. This is due to improper neutralization of SQL wildcard characters. The vulnerability has been patched in version 5.5.3 - #141.

MEDIUM MacWarrior CVE published 2026-06-11

CVE-2026-47238

CVE-2026-47238 is a medium-severity vulnerability in ClipBucket v5 that allows authenticated users to edit video subtitles of other users due to a lack of authorization. This issue was patched in version 5.5.3 - #133.

HIGH MacWarrior CVE published 2026-06-11

CVE-2026-45418

CVE-2026-45418 is a high-severity vulnerability in ClipBucket v5, an open-source video sharing platform. The vulnerability exists in the handling of the POST /actions/subtitle_edit.php request, where an authenticated user can inject malicious SQL code via the number parameter. This allows for a boolean-based blind SQL injection attack, enabling the exfiltration of sensitive data. The vulnerability has been patched in vers [truncated]

CRITICAL MacWarrior CVE published 2026-06-11

CVE-2026-45060

CVE-2026-45060 is a critical vulnerability in ClipBucket v5, an open-source video sharing platform. The vulnerability is caused by a blind SQL injection in the actions/progress_video.php endpoint, which allows unauthenticated users to execute SQL queries and exfiltrate sensitive data. The vulnerability has been patched in version 5.5.3 - #129.

CRITICAL MacWarrior CVE published 2026-06-11

CVE-2026-42846

CVE-2026-42846 is a critical vulnerability in ClipBucket v5, an open-source video sharing platform. The vulnerability exists in the Remote Play feature, which allows authenticated users to add videos by importing external URLs. Due to improper escaping of user-supplied URLs, an attacker can inject shell metacharacters, leading to arbitrary command execution on the server. This vulnerability has a CVSS score o [truncated]