[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-26141":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":391,"aliases":401,"duplicate_of":9,"upstream":402,"downstream":403,"duplicates":410,"related":411,"reserved_at":9,"published_at":412,"modified_at":413,"state":414,"summary":415,"references_raw":423,"kevs":444,"epss":445,"epss_history":448,"metrics":705,"affected":717},"CVE-2023-26141","Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value which will cause excessive polling requests.",null,[11,86],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[20,24,82],{"id":21,"name":22,"techniques":23},"CAPEC-147","XML Ping of the Death",[],{"id":25,"name":26,"techniques":27},"CAPEC-227","Sustained Client Engagement",[28],{"id":29,"name":30,"tactics":31,"countermeasures":35},"T1499","Endpoint Denial of Service",[32],{"id":33,"name":34},"TA0105","Impact",[36,41,45,49,53,57,61,65,69,73,78],{"id":37,"name":38,"tactic":39},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":40},"Detect",{"id":42,"name":43,"tactic":44},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":40},{"id":46,"name":47,"tactic":48},"D3-CSPP","Client-server Payload Profiling",{"name":40},{"id":50,"name":51,"tactic":52},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":40},{"id":54,"name":55,"tactic":56},"D3-NTSA","Network Traffic Signature Analysis",{"name":40},{"id":58,"name":59,"tactic":60},"D3-APCA","Application Protocol Command Analysis",{"name":40},{"id":62,"name":63,"tactic":64},"D3-NTCD","Network Traffic Community Deviation",{"name":40},{"id":66,"name":67,"tactic":68},"D3-RTSD","Remote Terminal Session Detection",{"name":40},{"id":70,"name":71,"tactic":72},"D3-ISVA","Inbound Session Volume Analysis",{"name":40},{"id":74,"name":75,"tactic":76},"D3-NTF","Network Traffic Filtering",{"name":77},"Isolate",{"id":79,"name":80,"tactic":81},"D3-ITF","Inbound Traffic Filtering",{"name":77},{"id":83,"name":84,"techniques":85},"CAPEC-492","Regular Expression Exponential Blowup",[],{"_key":87,"id":87,"name":88,"description":89,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":90},"CWE-345","Insufficient Verification of Data Authenticity","The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.",[91,95,128,140,159,163,167,171,175,179,183,387],{"id":92,"name":93,"techniques":94},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":96,"name":97,"techniques":98},"CAPEC-141","Cache Poisoning",[99],{"id":100,"name":101,"tactics":102,"countermeasures":109},"T1557.002","ARP Cache Poisoning",[103,106],{"id":104,"name":105},"TA0031","Credential Access",{"id":107,"name":108},"TA0100","Collection",[110,112,114,116,118,120,122,124,126],{"id":37,"name":38,"tactic":111},{"name":40},{"id":42,"name":43,"tactic":113},{"name":40},{"id":46,"name":47,"tactic":115},{"name":40},{"id":50,"name":51,"tactic":117},{"name":40},{"id":54,"name":55,"tactic":119},{"name":40},{"id":58,"name":59,"tactic":121},{"name":40},{"id":62,"name":63,"tactic":123},{"name":40},{"id":66,"name":67,"tactic":125},{"name":40},{"id":74,"name":75,"tactic":127},{"name":77},{"id":129,"name":130,"techniques":131},"CAPEC-142","DNS Cache Poisoning",[132],{"id":133,"name":134,"tactics":135,"countermeasures":139},"T1584.002","DNS Server",[136],{"id":137,"name":138},"TA0042","Resource Development",[],{"id":141,"name":142,"techniques":143},"CAPEC-148","Content Spoofing",[144],{"id":145,"name":146,"tactics":147,"countermeasures":149},"T1491","Defacement",[148],{"id":33,"name":34},[150,155],{"id":151,"name":152,"tactic":153},"D3-DNR","Decoy Network Resource",{"name":154},"Deceive",{"id":156,"name":157,"tactic":158},"D3-NRAM","Network Resource Access Mediation",{"name":77},{"id":160,"name":161,"techniques":162},"CAPEC-218","Spoofing of UDDI/ebXML Messages",[],{"id":164,"name":165,"techniques":166},"CAPEC-384","Application API Message Manipulation via Man-in-the-Middle",[],{"id":168,"name":169,"techniques":170},"CAPEC-385","Transaction or Event Tampering via Application API Manipulation",[],{"id":172,"name":173,"techniques":174},"CAPEC-386","Application API Navigation Remapping",[],{"id":176,"name":177,"techniques":178},"CAPEC-387","Navigation Remapping To Propagate Malicious Content",[],{"id":180,"name":181,"techniques":182},"CAPEC-388","Application API Button Hijacking",[],{"id":184,"name":185,"techniques":186},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[187,223,263],{"id":188,"name":189,"tactics":190,"countermeasures":197},"T1211","Exploitation for Stealth",[191,194],{"id":192,"name":193},"TA0030","Defense Evasion",{"id":195,"name":196},"TA0005","Stealth",[198,202,206,210,215,219],{"id":199,"name":200,"tactic":201},"D3-MBT","Memory Boundary Tracking",{"name":40},{"id":203,"name":204,"tactic":205},"D3-PCSV","Process Code Segment Verification",{"name":40},{"id":207,"name":208,"tactic":209},"D3-SSC","Shadow Stack Comparisons",{"name":40},{"id":211,"name":212,"tactic":213},"D3-PSEP","Process Segment Execution Prevention",{"name":214},"Harden",{"id":216,"name":217,"tactic":218},"D3-SAOR","Segment Address Offset Randomization",{"name":214},{"id":220,"name":221,"tactic":222},"D3-SFCV","Stack Frame Canary Validation",{"name":214},{"id":224,"name":225,"tactics":226,"countermeasures":232},"T1542.002","Component Firmware",[227,228,229],{"id":192,"name":193},{"id":195,"name":196},{"id":230,"name":231},"TA0110","Persistence",[233,238,242,246,250,254,258],{"id":234,"name":235,"tactic":236},"D3-SWI","Software Inventory",{"name":237},"Model",{"id":239,"name":240,"tactic":241},"D3-AVE","Asset Vulnerability Enumeration",{"name":237},{"id":243,"name":244,"tactic":245},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":40},{"id":247,"name":248,"tactic":249},"D3-FV","Firmware Verification",{"name":40},{"id":251,"name":252,"tactic":253},"D3-FBA","Firmware Behavior Analysis",{"name":40},{"id":255,"name":256,"tactic":257},"D3-SU","Software Update",{"name":214},{"id":259,"name":260,"tactic":261},"D3-RS","Restore Software",{"name":262},"Restore",{"id":264,"name":265,"tactics":266,"countermeasures":273},"T1556","Modify Authentication Process",[267,268,271,272],{"id":192,"name":193},{"id":269,"name":270},"TA0112","Defense Impairment",{"id":230,"name":231},{"id":104,"name":105},[274,278,282,286,290,294,298,302,306,310,315,319,323,327,331,335,339,343,347,351,355,359,363,367,371,375,379,383],{"id":275,"name":276,"tactic":277},"D3-CI","Configuration Inventory",{"name":237},{"id":279,"name":280,"tactic":281},"D3-NTPM","Network Traffic Policy Mapping",{"name":237},{"id":283,"name":284,"tactic":285},"D3-AM","Access Modeling",{"name":237},{"id":287,"name":288,"tactic":289},"D3-FA","File Analysis",{"name":40},{"id":291,"name":292,"tactic":293},"D3-FIM","File Integrity Monitoring",{"name":40},{"id":295,"name":296,"tactic":297},"D3-PLA","Process Lineage Analysis",{"name":40},{"id":299,"name":300,"tactic":301},"D3-PSMD","Process Self-Modification Detection",{"name":40},{"id":303,"name":304,"tactic":305},"D3-PSA","Process Spawn Analysis",{"name":40},{"id":307,"name":308,"tactic":309},"D3-SFA","System File Analysis",{"name":40},{"id":311,"name":312,"tactic":313},"D3-FEV","File Eviction",{"name":314},"Evict",{"id":316,"name":317,"tactic":318},"D3-PT","Process Termination",{"name":314},{"id":320,"name":321,"tactic":322},"D3-PS","Process Suspension",{"name":314},{"id":324,"name":325,"tactic":326},"D3-HR","Host Reboot",{"name":314},{"id":328,"name":329,"tactic":330},"D3-HS","Host Shutdown",{"name":314},{"id":332,"name":333,"tactic":334},"D3-DF","Decoy File",{"name":154},{"id":336,"name":337,"tactic":338},"D3-FE","File Encryption",{"name":214},{"id":340,"name":341,"tactic":342},"D3-RF","Restore File",{"name":262},{"id":344,"name":345,"tactic":346},"D3-RC","Restore Configuration",{"name":262},{"id":348,"name":349,"tactic":350},"D3-CF","Content Filtering",{"name":77},{"id":352,"name":353,"tactic":354},"D3-LFP","Local File Permissions",{"name":77},{"id":356,"name":357,"tactic":358},"D3-RFAM","Remote File Access Mediation",{"name":77},{"id":360,"name":361,"tactic":362},"D3-CQ","Content Quarantine",{"name":77},{"id":364,"name":365,"tactic":366},"D3-CM","Content Modification",{"name":77},{"id":368,"name":369,"tactic":370},"D3-KBPI","Kernel-based Process Isolation",{"name":77},{"id":372,"name":373,"tactic":374},"D3-SCF","System Call Filtering",{"name":77},{"id":376,"name":377,"tactic":378},"D3-HBPI","Hardware-based Process Isolation",{"name":77},{"id":380,"name":381,"tactic":382},"D3-ABPI","Application-based Process Isolation",{"name":77},{"id":384,"name":385,"tactic":386},"D3-WSAM","Web Session Access Mediation",{"name":77},{"id":388,"name":389,"techniques":390},"CAPEC-701","Browser in the Middle (BiTM)",[],[392],{"_key":393,"name":394,"source":395,"url":396,"maturity":397,"reliability_score":398,"verified":399,"type":9,"platforms":400,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_KEEGANPARR1_1DFFD3C017339B7ED5371ED3D81E6B2A","1Dffd3C017339B7Ed5371Ed3D81E6B2A","github","https://gist.github.com/keeganparr1/1dffd3c017339b7ed5371ed3d81e6b2a","poc",0.3,false,[],[],[],[404,406,408],{"_key":405},"UBUNTU-CVE-2023-26141",{"_key":407},"DEBIAN-CVE-2023-26141",{"_key":409},"RHSA-2024:0797",[],[],"2023-09-14T05:00:00.986Z","2024-09-25T18:16:01.457Z","Modified",{"cisa_kev":399,"cisa_ransomware":399,"cisa_vendor":9,"epss_severity":416,"epss_score":417,"severity":418,"severity_score":419,"severity_version":420,"severity_source":421,"severity_vector":422,"severity_status":414},"low",0.0045,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",[424,430,434,439],{"url":425,"sources":426,"tags":428},"https://security.snyk.io/vuln/SNYK-RUBY-SIDEKIQ-5885107",[421,427],"nvd",[429],"Third Party Advisory",{"url":396,"sources":431,"tags":432},[421,427],[433],"Exploit",{"url":435,"sources":436,"tags":437},"https://github.com/sidekiq/sidekiq/blob/6-x/web/assets/javascripts/dashboard.js%23L6",[421,427],[438],"Broken Link",{"url":440,"sources":441,"tags":442},"https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89",[421,427],[443],"Patch",[],{"date":446,"score":417,"percentile":447},"2026-06-04",0.63943,[449,453,456,459,462,464,467,470,473,476,479,482,485,488,490,494,497,500,502,504,507,510,513,516,518,521,524,527,530,533,536,539,542,545,548,551,554,557,560,563,566,569,572,575,578,581,584,587,589,592,595,598,601,604,607,610,613,616,618,621,624,627,630,633,636,639,642,645,648,651,654,656,659,661,663,666,668,670,673,676,679,682,685,688,690,692,695,698,700,702],{"date":450,"score":451,"percentile":452},"2025-11-04",0.004,0.5998,{"date":454,"score":451,"percentile":455},"2025-11-05",0.59964,{"date":457,"score":451,"percentile":458},"2025-11-06",0.59966,{"date":460,"score":451,"percentile":461},"2025-11-07",0.59983,{"date":463,"score":451,"percentile":461},"2025-11-08",{"date":465,"score":451,"percentile":466},"2025-11-09",0.59979,{"date":468,"score":451,"percentile":469},"2025-11-10",0.59955,{"date":471,"score":451,"percentile":472},"2025-11-11",0.59968,{"date":474,"score":451,"percentile":475},"2025-11-12",0.59993,{"date":477,"score":451,"percentile":478},"2025-11-13",0.59999,{"date":480,"score":451,"percentile":481},"2025-11-14",0.60006,{"date":483,"score":451,"percentile":484},"2025-11-15",0.59996,{"date":486,"score":451,"percentile":487},"2025-11-16",0.59982,{"date":489,"score":451,"percentile":466},"2025-11-17",{"date":491,"score":492,"percentile":493},"2025-11-18",0.00194,0.36851,{"date":495,"score":492,"percentile":496},"2025-11-19",0.36862,{"date":498,"score":492,"percentile":499},"2025-11-20",0.36855,{"date":501,"score":451,"percentile":475},"2025-11-21",{"date":503,"score":451,"percentile":475},"2025-11-22",{"date":505,"score":451,"percentile":506},"2025-11-23",0.59973,{"date":508,"score":451,"percentile":509},"2025-11-24",0.59971,{"date":511,"score":451,"percentile":512},"2025-11-25",0.59974,{"date":514,"score":451,"percentile":515},"2025-11-26",0.59975,{"date":517,"score":451,"percentile":487},"2025-11-27",{"date":519,"score":451,"percentile":520},"2025-11-28",0.59959,{"date":522,"score":451,"percentile":523},"2025-11-29",0.59935,{"date":525,"score":451,"percentile":526},"2025-11-30",0.59926,{"date":528,"score":451,"percentile":529},"2025-12-01",0.60076,{"date":531,"score":451,"percentile":532},"2025-12-02",0.60087,{"date":534,"score":451,"percentile":535},"2025-12-03",0.60092,{"date":537,"score":451,"percentile":538},"2025-12-04",0.59924,{"date":540,"score":451,"percentile":541},"2025-12-05",0.5993,{"date":543,"score":451,"percentile":544},"2025-12-06",0.5992,{"date":546,"score":451,"percentile":547},"2025-12-07",0.59914,{"date":549,"score":451,"percentile":550},"2025-12-08",0.59916,{"date":552,"score":451,"percentile":553},"2025-12-09",0.59953,{"date":555,"score":451,"percentile":556},"2025-12-10",0.59998,{"date":558,"score":451,"percentile":559},"2025-12-11",0.60017,{"date":561,"score":451,"percentile":562},"2025-12-12",0.60034,{"date":564,"score":451,"percentile":565},"2025-12-13",0.60035,{"date":567,"score":451,"percentile":568},"2025-12-14",0.60029,{"date":570,"score":451,"percentile":571},"2025-12-15",0.60004,{"date":573,"score":451,"percentile":574},"2025-12-16",0.60027,{"date":576,"score":451,"percentile":577},"2025-12-17",0.60043,{"date":579,"score":451,"percentile":580},"2025-12-18",0.60084,{"date":582,"score":451,"percentile":583},"2025-12-19",0.60094,{"date":585,"score":451,"percentile":586},"2025-12-20",0.60095,{"date":588,"score":451,"percentile":580},"2025-12-21",{"date":590,"score":451,"percentile":591},"2025-12-22",0.60077,{"date":593,"score":451,"percentile":594},"2025-12-23",0.6009,{"date":596,"score":451,"percentile":597},"2025-12-24",0.60101,{"date":599,"score":451,"percentile":600},"2025-12-25",0.60135,{"date":602,"score":451,"percentile":603},"2025-12-26",0.60129,{"date":605,"score":451,"percentile":606},"2025-12-27",0.60187,{"date":608,"score":451,"percentile":609},"2025-12-28",0.60107,{"date":611,"score":451,"percentile":612},"2025-12-29",0.601,{"date":614,"score":451,"percentile":615},"2025-12-30",0.60114,{"date":617,"score":451,"percentile":600},"2025-12-31",{"date":619,"score":451,"percentile":620},"2026-01-01",0.6032,{"date":622,"score":451,"percentile":623},"2026-01-02",0.60306,{"date":625,"score":451,"percentile":626},"2026-01-03",0.60304,{"date":628,"score":451,"percentile":629},"2026-01-04",0.6013,{"date":631,"score":451,"percentile":632},"2026-01-05",0.60118,{"date":634,"score":451,"percentile":635},"2026-01-06",0.60128,{"date":637,"score":451,"percentile":638},"2026-01-07",0.60154,{"date":640,"score":451,"percentile":641},"2026-01-08",0.6018,{"date":643,"score":451,"percentile":644},"2026-01-09",0.60183,{"date":646,"score":451,"percentile":647},"2026-01-10",0.60179,{"date":649,"score":451,"percentile":650},"2026-01-11",0.60161,{"date":652,"score":451,"percentile":653},"2026-01-12",0.60136,{"date":655,"score":451,"percentile":612},"2026-01-13",{"date":657,"score":451,"percentile":658},"2026-01-14",0.6014,{"date":660,"score":451,"percentile":658},"2026-01-15",{"date":662,"score":451,"percentile":650},"2026-01-16",{"date":664,"score":451,"percentile":665},"2026-01-17",0.60156,{"date":667,"score":451,"percentile":638},"2026-01-18",{"date":669,"score":451,"percentile":653},"2026-01-19",{"date":671,"score":451,"percentile":672},"2026-01-20",0.60144,{"date":674,"score":451,"percentile":675},"2026-01-21",0.60148,{"date":677,"score":451,"percentile":678},"2026-01-22",0.60153,{"date":680,"score":451,"percentile":681},"2026-01-23",0.60192,{"date":683,"score":451,"percentile":684},"2026-01-24",0.60201,{"date":686,"score":451,"percentile":687},"2026-01-25",0.60165,{"date":689,"score":451,"percentile":665},"2026-01-26",{"date":691,"score":451,"percentile":650},"2026-01-27",{"date":693,"score":451,"percentile":694},"2026-01-28",0.60172,{"date":696,"score":451,"percentile":697},"2026-01-29",0.60173,{"date":699,"score":451,"percentile":697},"2026-01-30",{"date":701,"score":451,"percentile":647},"2026-01-31",{"date":703,"score":451,"percentile":704},"2026-02-01",0.6031,[706,711],{"source":421,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":707,"cvss_v4_0":9},{"baseScore":419,"baseSeverity":708,"vectorString":422,"impactScore":709,"exploitabilityScore":710},"HIGH",6,10,{"source":427,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":712,"cvss_v4_0":9},{"baseScore":713,"baseSeverity":714,"vectorString":715,"impactScore":709,"exploitabilityScore":716},4.9,"MEDIUM","CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",3.1,[718],{"ecosystem":9,"name":719,"vendor":720,"product":719,"cpe_part":721,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":722},"sidekiq","contribsys","a",[723,729],{"version":724,"is_range":725,"range_type":726,"version_start":9,"version_start_type":9,"version_end":727,"version_end_type":728,"fixed_in":9},"lt6.5.10",true,"cpe","6.5.10","excluding",{"version":730,"is_range":725,"range_type":726,"version_start":731,"version_start_type":732,"version_end":733,"version_end_type":728,"fixed_in":9},"gte7.0_lt7.1.3","7.0","including","7.1.3"]