← back
CVE-2026-54224

Denial of Service in UBB.threads

CVSS 7.1 HIGHEPSS 0.3%CWE-405
UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
UBB Systems · UBB.threads

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert.pl/en/posts/2026/06/CVE-2026-54219https://www.ubbcentral.com/