FixVibe


Changelog

FixVibe scan engine updates: new coverage, security improvements and accuracy improvements. Newest entries first.

July 2, 2026

  • FIXED: Legal-link false positives reduced. Privacy and terms links that are visible after client-side rendering now count correctly, so SPA footers are not reported as missing when users can see those links.

June 30, 2026

  • NEW: Label Studio CVE-2025-47783 reflected XSS check. Verified active scans now flag Label Studio upload-example responses when target-specific label_config evidence shows raw HTML metacharacter reflection, without executing JavaScript, using victim sessions, reading tokens, or storing project data.
  • NEW: AVideo CVE-2023-25313 / GHSA-pgvh-p3g4-86jw advisory. Repo scans flag affected wwbn/avideo Composer manifests and lockfiles below 12.4 with version-based evidence only; no AVideo login, video-link submission, video creation, request-delay checks, command execution, or runtime exploit claim.
  • NEW: GL.iNet GL-MT3000 CVE-2026-11451 advisory. Verified active scans flag GL.iNet GL-MT3000 firmware 4.4.5 as version-based advisory evidence only; no router authentication, FTP-setting changes, file writes, command input, or command-execution claim.
  • IMPROVED: Schneider Modicon M221 remote-restart coverage. The existing passive Modicon M221 firmware check now correlates the same strong public HTTP product and firmware-version evidence with CVE-2018-7789 alongside the CVE-2018-7790 context, reporting version-based advisory context without restart probes, Modbus queries, authentication replay, PLC program uploads, or exploit-confirmation claims.
  • NEW: Mbed TLS CVE-2024-45159 repo advisory coverage. GitHub repo scans now flag source and build metadata for affected Mbed TLS 3.2.0 through 3.6.0 releases, reporting version-based advisory evidence without client-certificate probes, TLS handshake testing, or authentication-bypass confirmation.
  • NEW: Oracle Java SE/GraalVM CVE-2022-21340 repo advisory coverage. GitHub repo scans now flag explicit Oracle Java SE or Oracle GraalVM Enterprise runtime metadata, reporting version-based advisory evidence without running Java, sandbox-code proof, denial-of-service traffic, or runtime exploit confirmation.
  • NEW: OpenSSL CMS CVE-2025-15467 advisory. GitHub repo scans now flag affected OpenSSL CMS release-line evidence and report branch-aware source/config evidence without crash, denial-of-service, or code-execution reproduction.
  • NEW: codfish semantic-release GitHub Action compromise check. Repo scans can now flag workflow YAML references to codfish/semantic-release-action refs associated with the June 2026 compromise, reporting source/config evidence only. The check does not run GitHub Actions, read CI secrets, inspect runners, or claim credential theft.
  • NEW: Spring Data Commons property-path advisory coverage. GitHub repo scans now report Maven/Gradle dependency evidence for Spring Data Commons versions associated with CVE-2018-1274 / GHSA-5q8m-mqmx-pxp9. The finding stays version-based and does not run the app, probe Spring Data REST endpoints, send crafted property-path parameters, stress CPU or memory, or claim denial-of-service confirmation.
  • NEW: vm2 Promise species advisory coverage. GitHub repo scans now report npm manifest and lockfile evidence for vm2 versions associated with CVE-2026-47208 / GHSA-76w7-j9cq-rx2j. The finding stays version-based and does not run the app, execute sandbox-breakout proof-of-concept code, inspect live workers, or claim host command execution.
  • NEW: pyLoad /flashgot advisory coverage. GitHub repo scans now report Python manifest and lockfile evidence for pyload-ng versions associated with CVE-2024-47821 / GHSA-w7hq-f2pj-c53g. The finding stays version-based and does not run pyLoad, send /flashgot requests, change settings, download files, write script directories, or claim command execution.
  • NEW: SAP Cloud SDK for AI Python advisory check. GitHub repo scans now flag Python manifest and lockfile evidence for sap-ai-sdk-base versions affected by CVE-2023-25617 / GHSA-xxhh-59gh-6ffx as version-based advisory evidence, without running Python, connecting to SAP BusinessObjects, scheduling Program Objects, sending command-injection input, or claiming OS command execution.
  • NEW: Gradio Windows/Python path traversal advisory check. GitHub repo scans now flag Gradio dependency evidence for CVE-2026-28414 / GHSA-39mp-8hj3-5c49 and raise confidence when repository configuration also points to Windows with Python 3.13+, without requesting Gradio file endpoints, sending traversal input, reading files, or claiming live arbitrary file read.

June 29, 2026

  • NEW: MISP STIX import source advisory coverage. GitHub repo scans now report source evidence for CVE-2018-19908 in app/Model/Event.php when original STIX filenames flow into shell command construction. The check uses repository source evidence and does not run MISP, import files, or claim runtime command execution.
  • NEW: MindsDB status version advisory coverage. Verified active scans now include MindsDB /api/status version evidence for CVE-2026-27483 when the public status endpoint reports a release before 25.9.1.1. This read-only check does not upload files, send traversal filenames, or claim remote-code execution.
  • NEW: NiceGUI upload filename source advisory check. GitHub repo scans now include CVE-2026-25732 coverage when affected NiceGUI dependency evidence appears with upload-handler source that saves paths built from client-supplied filenames. The check reports source/dependency evidence without uploading files, writing outside upload directories, or claiming code execution.

June 18, 2026

  • NEW: SillyTavern SearXNG SSRF active check. Verified active scans now report only direct evidence that a SillyTavern SearXNG search proxy fetched a FixVibe-controlled external callback URL. The probe avoids localhost, cloud metadata, private-network targets, and internal-service requests.
  • NEW: Unauthenticated Glances REST API exposure check. Verified active scans can now confirm that the scanned origin exposes its Glances REST API identity and metric-shaped responses without authentication. FixVibe records only the response shape and avoids broad API dumps, process lists, command lines, configuration, or secrets.
  • NEW: Spring Data Commons + XMLBeam advisory coverage. GitHub repo scans now report paired Maven/Gradle dependency evidence for Spring Data Commons and XMLBeam versions associated with CVE-2018-1259 / GHSA-m929-7fr6-cvjg. The finding stays version-based and does not run the app, send XML payloads, probe endpoints, read local files, or claim SSRF confirmation.
  • NEW: Moby AuthZ dependency advisory check. GitHub repo scans can now flag Go module manifests that resolve Moby or Docker Engine versions affected by CVE-2026-34040 / GHSA-x744-4wpc-v9h2 as version-based advisory evidence, without connecting to Docker APIs, probing AuthZ plugins, sending crafted requests, or claiming authorization-bypass confirmation.
  • NEW: NGINX rewrite-module config advisory check. GitHub repo scans can now correlate affected NGINX version evidence with rewrite-module configuration evidence for CVE-2026-42945, without running NGINX, sending traffic, or claiming memory-corruption proof.
  • NEW: SQLitePCLRaw NuGet advisory check. GitHub repo scans can now flag .NET project and NuGet lockfile evidence for affected SQLitePCLRaw native SQLite packages tied to CVE-2025-6965 / GHSA-2m69-gcr7-jv3q, without claiming memory-corruption proof.
  • NEW: gemini-mcp-tool CVE-2026-0755 advisory. Repo scans flag affected npm manifest and lockfile versions for GHSA-4h5r-5jm8-jxjm with repository version evidence only. The check does not run the MCP server, send command or @file probes, trigger callbacks, read local files, or assert runtime exploit confirmation.
  • NEW: Mastra easy-day-js advisory check. GitHub repo scans flag easy-day-js manifest and lockfile evidence tied to the June 2026 Mastra npm incident. The finding stays limited to repository dependency evidence and does not verify stale npm owners, run package scripts, inspect hosts, or assert credential theft.
  • NEW: Drupal Core CVE-2026-9082 advisory check. GitHub repo scans flag Composer manifest and lockfile versions for GHSA-ghwc-95x2-682j with repository version evidence only. The check does not run Drupal, verify PostgreSQL, send SQL payloads, extract data, or assert runtime exploit confirmation.
  • NEW: Paramiko SSH-server authentication advisory check. GitHub repo scans can now flag Python dependency files that resolve Paramiko releases affected by CVE-2018-7750 / GHSA-232r-66cg-79px, reporting version-based advisory evidence without starting an SSH server, sending bypass traffic, or claiming deployed server-mode exposure.
  • NEW: Apache Tomcat HTTP/2 resource-consumption dependency advisory check. GitHub repo scans can now flag Maven and Gradle build files that resolve Tomcat releases affected by CVE-2020-11996 / GHSA-53hp-jpwq-2jgq, reporting version-based advisory evidence without running Tomcat, sending HTTP/2 denial-of-service traffic, generating high-CPU proof traffic, or claiming runtime availability impact.
  • NEW: @andrei-tatar/nora-firebase-common prototype-pollution advisory check. GitHub repo scans can now flag npm manifests and lockfiles that resolve @andrei-tatar/nora-firebase-common versions affected by CVE-2024-30564 / GHSA-jjff-q3q4-5hh8, reporting version-based advisory evidence without running the package, mutating Object.prototype, sending proof payloads, or claiming runtime exploit confirmation.
  • NEW: cordova-plugin-inappbrowser Android advisory check. GitHub repo scans can now flag npm manifests, lockfiles, and Cordova config.xml files that resolve cordova-plugin-inappbrowser versions affected by CVE-2019-0219 / GHSA-c6pw-q7f2-97hv, reporting version-based advisory evidence without building mobile binaries, loading proof content, exercising plugin bridge behavior, or claiming deployed Android exploitability.
  • NEW: Nokogiri libxslt RubyGems advisory coverage. GitHub repo scans now report Gemfile, Gemfile.lock, and gemspec evidence for Nokogiri releases affected by CVE-2019-18197 / GHSA-242x-7cm6-4w8j. The check uses version-based RubyGems evidence and does not run Ruby, process XML or XSLT input, crash-test libxslt, or claim runtime exploit confirmation.
  • NEW: Perl GD CPAN advisory coverage. GitHub repo scans now report CPAN dependency evidence for Perl GD releases affected by CVE-2026-11526. The check uses version-based repository evidence and does not run Perl, process image files, pass crafted filenames to GD::Image constructors, or claim command-execution or file-overwrite confirmation.
  • NEW: kill-port-process CVE-2019-15609 advisory check. GitHub repo scans flag affected npm manifest and lockfile versions for GHSA-xp4x-j9vh-c3wf, reporting version evidence only. The check does not run the package, send command payloads, terminate processes, or assert runtime exploit confirmation.
  • NEW: proxy npm advisory coverage. GitHub repo scans can now report repository dependency evidence for proxy releases associated with CVE-2023-2968 / GHSA-mj6p-3pc9-wf5m. The finding stays version-based and does not run proxy, send crafted request traffic, crash-test services, or claim runtime denial-of-service confirmation.
  • NEW: Apache ActiveMQ Artemis Jolokia dependency advisory check. GitHub repo scans can now flag Maven and Gradle build files that resolve org.apache.activemq:artemis-cli versions affected by CVE-2023-50780 / GHSA-443j-grxv-2pgv, reporting version-based advisory evidence without authenticating to Jolokia, enumerating MBeans, changing Log4J2 configuration, writing files, restarting services, or claiming live RCE confirmation.
  • NEW: Apache ActiveMQ Artemis dependency advisory check. GitHub repo scans can now flag Maven and Gradle build files that pin or allow artemis-server versions affected by CVE-2026-27446 / GHSA-fw88-pf9m-p947, reporting version-based advisory evidence without connecting to brokers, triggering federation callbacks, or claiming message injection/exfiltration confirmation.
  • NEW: Apache Spark UI dependency advisory check. GitHub repo scans can now flag Maven, Gradle, and PySpark dependency files that pin or allow Apache Spark versions affected by CVE-2022-33891 / GHSA-4x9r-j582-cgr8, reporting version-based advisory evidence without visiting Spark UI, sending active exploit probes, or claiming command-execution confirmation.
  • NEW: vLLM pickle-deserialization dependency advisory check. GitHub repo scans can now flag Python dependency files that pin or allow vllm versions affected by CVE-2024-9053 / GHSA-cj47-qj6g-x7r4, reporting version-based advisory evidence without running vLLM, exposing AsyncEngineRPCServer, sending pickle payloads, or claiming runtime code-execution confirmation.
  • NEW: Apache Airflow example-DAG advisory coverage. GitHub repo scans can now report repository dependency evidence for Airflow releases associated with CVE-2024-45498 / GHSA-c392-whpc-vfpr. The finding stays version-based and does not probe Airflow UI, trigger DAGs, run command payloads, or claim runtime exploit confirmation.
  • NEW: ONNX download_model_with_test_data advisory coverage. GitHub repo scans now report Python dependency evidence for onnx releases affected by CVE-2024-5187 / GHSA-6rq9-53c3-f7vj and add source-call context when download_model_with_test_data appears. The check does not run Python, download or extract model archives, create malicious tar files, overwrite files, or claim runtime exploit confirmation.
  • NEW: YOURLS type-juggling dependency advisory check. GitHub repo scans can now flag Composer and YOURLS source-version evidence for yourls/yourls releases affected by CVE-2019-14537 / GHSA-vf23-f26f-mjj9, reporting version-based advisory evidence without calling the YOURLS API, sending authentication-bypass requests, probing admin pages, or claiming unauthorized access.
  • NEW: http4k-format-xml dependency advisory check. GitHub repo scans can now flag Maven and Gradle build files that resolve org.http4k:http4k-format-xml versions affected by CVE-2024-55875 / GHSA-7mj5-hjjj-8rgw, reporting version-based advisory evidence without sending XML payloads, SSRF callbacks, local-file reads, or denial-of-service traffic.
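Many entries on this page describe the same technique: a GitHub repo scan resolves the version of a package from an npm manifest or lockfile and compares it with an advisory's affected range, reporting version-based evidence only and never installing or running anything. The following is an added Python example of that technique, not FixVibe's code; the package name, advisory identifier and affected ranges are constructed placeholders, and a real check takes the ranges from the advisory itself. It handles both the lockfileVersion 2/3 "packages" map and the older lockfileVersion 1 nested "dependencies" tree, and skips non-semver versions such as git URLs.

```python
"""Added example: version-based npm lockfile advisory matching (not FixVibe's code)."""
import json
import re

# Constructed advisory for illustration only: affected >=1.0.0 <1.4.2 and >=2.0.0 <2.1.0.
# A real check loads these ranges from the advisory (placeholder id below).
ADVISORY = {
    "id": "GHSA-xxxx-xxxx-xxxx (placeholder)",
    "package": "@example/widget",
    "ranges": [((1, 0, 0), (1, 4, 2)), ((2, 0, 0), (2, 1, 0))],  # half-open [low, high)
}

_SEMVER = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch), or None for non-semver values (git URLs, tags)."""
    m = _SEMVER.match(text.strip().lstrip("v"))
    return tuple(int(x) for x in m.groups()) if m else None


def is_affected(version, ranges):
    """True when the resolved version falls inside any half-open affected range."""
    v = parse_version(version)
    if v is None:
        return False
    return any(low <= v < high for low, high in ranges)


def resolved_versions(lock):
    """Yield (path, name, version) for every resolved package in a package-lock.json."""
    packages = lock.get("packages")
    if isinstance(packages, dict):  # lockfileVersion 2/3
        for path, meta in packages.items():
            if not path:  # "" is the root project itself, not a dependency
                continue
            name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
            if "version" in meta:
                yield path, name, meta["version"]
        return

    def walk(deps, prefix):  # lockfileVersion 1: nested "dependencies" tree
        for name, meta in (deps or {}).items():
            path = f"{prefix}node_modules/{name}"
            if "version" in meta:
                yield path, name, meta["version"]
            yield from walk(meta.get("dependencies"), path + "/")

    yield from walk(lock.get("dependencies"), "")


def scan_lockfile(lock_text, advisory=ADVISORY):
    """Return one finding per resolved copy of the advisory package in an affected range.
    Evidence is purely version-based: nothing is installed, fetched or executed."""
    lock = json.loads(lock_text)
    findings = []
    for path, name, version in resolved_versions(lock):
        if name == advisory["package"] and is_affected(version, advisory["ranges"]):
            findings.append({
                "advisory": advisory["id"],
                "path": path,
                "version": version,
                "evidence": "lockfile resolved version (no runtime confirmation)",
            })
    return findings


# Constructed lockfile excerpt: one affected copy, one fixed nested copy, one git dependency.
SAMPLE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "0.1.0"},
        "node_modules/@example/widget": {"version": "1.3.7"},
        "node_modules/other/node_modules/@example/widget": {"version": "1.4.2"},
        "node_modules/git-dep": {"version": "git+ssh://git@github.com/example/git-dep.git#abc123"},
    },
})

if __name__ == "__main__":
    for finding in scan_lockfile(SAMPLE_LOCK):
        print(finding)
```

Only the top-level copy at 1.3.7 is reported; the nested copy at 1.4.2 sits on the fixed boundary of the half-open range and is left alone, which is the distinction a version-based check must get right to avoid false positives.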

June 14, 2026

  • FIXED: DOM XSS fragment probe stability fix. Verified active scans now skip the DOM fragment probe cleanly when browser automation is unavailable at startup, so reports no longer show internal browser-context errors for that check.
  • IMPROVED: Expanded Red Hat npm worm coverage. GitHub repo scans now include additional Wiz-reported @redhat-cloud-services package versions for the Miasma campaign, while still reporting repository dependency evidence without installing packages, executing lifecycle scripts, or claiming credential theft.
  • NEW: Known npm typosquat package check. GitHub repo scans can now flag package manifests and lockfiles that resolve Microsoft-reported vpmdhaj npm typosquat package versions, reporting version-based advisory evidence without installing packages, executing lifecycle scripts, fetching tarballs, contacting attacker infrastructure, or claiming credential theft.
  • NEW: Codex Remote UI token-stealing npm package check. GitHub repo scans can now flag package manifests and lockfiles that resolve codexui-android 0.1.82 or newer, reporting version-based advisory evidence without installing the package, executing it, reading Codex auth files, contacting exfiltration infrastructure, or claiming token theft.
  • NEW: Claude Code GitHub Action workflow repo check. GitHub repo scans can now flag Claude Code Action workflows with mutable action refs, broad workflow token permissions, or risky access override inputs, reporting workflow YAML evidence without running Actions, executing Claude Code, reading CI secrets, or claiming prompt-injection exploitation.
  • NEW: onering Rust crate malware repo check. GitHub repo scans can now flag Cargo manifests or lockfiles that resolve onering 1.4.1 or the known compromised onering git commit, and can flag matching checked-in build.rs evidence, without running Cargo, executing build scripts, fetching crates, or claiming source exfiltration.
  • NEW: Node-gyp / Phantom Gyp npm worm repo check. GitHub repo scans can now flag package manifests or lockfiles that resolve known malicious npm package versions from the binding.gyp supply-chain campaign, or flag matching binding.gyp source evidence, without running npm install, executing node-gyp, downloading tarballs, or claiming credential theft.
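Two entries on this page inspect workflow YAML rather than dependency files: the codfish/semantic-release-action compromised-ref check (June 30) and the Claude Code GitHub Action check for mutable action refs and broad token permissions (above). The following is an added Python example of that style of check, not FixVibe's code. It generalizes beyond one action: every `uses:` step is classified as pinned to a full commit SHA, pinned to a mutable tag or branch, or matching a known-compromised ref. The sample workflow and the compromised-ref list are constructed, and the line-based regex assumes the usual one-`uses:`-per-line layout.

```python
"""Added example: flag mutable or known-compromised action refs in workflow YAML (not FixVibe's code)."""
import re

# Matches "uses: owner/repo[/path]@ref" on its own line, with or without a leading "- ".
_USES = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)['\"]?", re.MULTILINE)
_FULL_SHA = re.compile(r"^[0-9a-f]{40}$")

# Placeholder mapping action -> refs an advisory lists as compromised (constructed here).
KNOWN_BAD_REFS = {"example-org/example-action": {"v9.9.9"}}


def classify_ref(action_spec):
    """Split 'owner/repo[/path]@ref' into (action, ref, kind).

    kind is 'sha' for a full 40-hex commit pin, 'mutable' for a tag or branch
    (the action owner can move it), or 'unpinned' when no ref is given at all.
    """
    if "@" not in action_spec:
        return action_spec, None, "unpinned"
    action, ref = action_spec.rsplit("@", 1)
    if _FULL_SHA.match(ref):
        return action, ref, "sha"
    return action, ref, "mutable"


def scan_workflow(text, bad_refs=KNOWN_BAD_REFS):
    """Return (evidence, category) pairs from workflow text. Source evidence only:
    nothing is run, no secrets are read."""
    findings = []
    for m in _USES.finditer(text):
        spec = m.group(1)
        if spec.startswith("./") or spec.startswith("docker://"):
            continue  # local composite actions and container images carry no remote git ref
        action, ref, kind = classify_ref(spec)
        if ref in bad_refs.get(action, ()):
            findings.append((spec, "known-compromised-ref"))
        elif kind != "sha":
            findings.append((spec, "mutable-ref"))
    # Broad token permissions: every job gets write access to every scope.
    if re.search(r"^\s*permissions:\s*write-all\s*$", text, re.MULTILINE):
        findings.append(("permissions: write-all", "broad-token-permissions"))
    return findings


# Constructed workflow: one tag pin, one (fake) SHA pin, one local action, one compromised ref.
SAMPLE_WORKFLOW = """
name: release
on: [push]
permissions: write-all
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local-step
      - uses: example-org/example-action@v9.9.9
      - name: Run tests
        run: npm test
"""

if __name__ == "__main__":
    for evidence, category in scan_workflow(SAMPLE_WORKFLOW):
        print(f"{category}: {evidence}")
```

The SHA-pinned step produces nothing, which is the remediation the check implies: pin third-party actions to a full commit SHA and scope `permissions:` per job instead of `write-all`.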

June 11, 2026

  • IMPROVED: Moxa NPort authentication advisory coverage. The existing verified-active Moxa NPort firmware check now correlates the same strong HTTP model and firmware evidence with CVE-2016-9361 as part of the MCSA-160401 advisory family, while still reporting a version-based advisory without attempting password retries, brute-force checks, firmware uploads, unauthenticated administrative actions, SNMP queries, serial-device protocol probes, crash tests, or exploit confirmation.
  • IMPROVED: Moxa NPort unauthenticated firmware-update advisory coverage. The existing verified-active Moxa NPort firmware check now correlates the same strong HTTP model and firmware evidence with CVE-2016-9369 as part of the MCSA-160401 advisory family, while still reporting a version-based advisory without attempting firmware uploads, unauthenticated administrative actions, SNMP queries, serial-device protocol probes, crash tests, or exploit confirmation.
  • NEW: Schneider Modicon M221 firmware advisory check. Passive scans can now flag strong public HTTP product and firmware-version evidence for Modicon M221 controllers associated with CVE-2018-7790, reporting version-based advisory context without capturing credentials, replaying authentication, querying Modbus, uploading PLC programs, or claiming unauthorized-access confirmation.
  • NEW: Langflow CVE-2025-34291 CORS advisory check. Verified active scans can now flag affected Langflow instances when target-specific version evidence is paired with credentialed CORS origin reflection, without authenticating, reading tokens, triggering refresh flows, or claiming code-execution confirmation.
  • NEW: SiteOmat BOS version advisory check. Verified active scans can now flag public SiteOmat BOS version evidence associated with CVE-2017-14728 as a version-based advisory, without attempting default credentials, SSH login, broad port scans, state-changing management actions, or unauthorized access.
  • NEW: SiteOmat login SQL injection advisory check. Verified active scans can now flag public SiteOmat BOS version evidence associated with CVE-2017-14851 as a version-based advisory, without submitting login forms, sending SQL injection payloads, attempting authentication bypass, accessing post-login pages, or making state-changing management requests.
  • NEW: SiteOmat CGI buffer-overflow advisory check. Verified active scans can now flag public SiteOmat BOS version evidence associated with CVE-2017-14854 as a version-based advisory, without sending crafted CGI input, overflow payloads, crash tests, broad port scans, state-changing management actions, or exploit requests.
  • NEW: Kubernetes externalIPs manifest advisory check. GitHub repo scans can now flag Kubernetes Service manifests that declare non-empty spec.externalIPs as source/config hardening evidence for CVE-2020-8554, without inspecting live clusters, checking RBAC, sending traffic, or claiming traffic interception.
  • NEW: Apache Tomcat EncryptInterceptor dependency advisory check. GitHub repo scans can now flag Maven and Gradle files that resolve exact Tomcat releases associated with CVE-2026-34486 / GHSA-69r9-qgr7-g2wj, reporting version-based advisory evidence without running Tomcat, inspecting cluster traffic, sending crafted Tribes packets, or claiming plaintext-disclosure confirmation.
  • NEW: Apache Tomcat h2c request mix-up dependency advisory check. GitHub repo scans can now flag Maven and Gradle files that resolve Tomcat embedded-core or Coyote versions affected by CVE-2021-25122 / GHSA-j39c-c8hj-x4j3, reporting version-based advisory evidence without running Tomcat, sending h2c upgrade requests, capturing traffic, or claiming information-disclosure confirmation.
  • NEW: PickleScan ZIP CRC dependency advisory check. GitHub repo scans can now flag Python dependency files that pin or allow PickleScan versions affected by CVE-2025-10156 / GHSA-mjqp-26hc-grxg, reporting version-based advisory evidence without running PickleScan, creating corrupted archives, loading models, or claiming runtime code-execution confirmation.
  • NEW: NLTK Zip Slip dependency advisory check. GitHub repo scans can now flag Python dependency files that pin or allow NLTK versions affected by CVE-2025-14009 / GHSA-7p94-766c-hgjp, reporting version-based advisory evidence without running Python or NLTK, calling nltk.download(), extracting packages, creating malicious archives, or claiming runtime code-execution confirmation.
  • NEW: TanStack ArkType adapter malware dependency check. GitHub repo scans can now flag package manifests and lockfiles that resolve @tanstack/arktype-adapter to malicious versions 1.166.12 or 1.166.15 from CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx, reporting version-based advisory evidence without running npm install, executing lifecycle scripts, downloading tarballs, or claiming credential theft.
  • NEW: Mbed TLS CVE-2021-44732 repo advisory check. GitHub repo scans can now flag source and build metadata that identify Mbed TLS versions affected by CVE-2021-44732, reporting version-based advisory evidence without running Mbed TLS, forcing out-of-memory behavior, calling session-copy APIs, or claiming live double-free confirmation.
  • NEW: IIS TRACK method exposure check. Verified active scans can now flag legacy TRACK echo behavior associated with CVE-2003-1567 using non-sensitive request evidence, without sending cookies, credentials, browser exploit pages, user traffic, or state-changing requests.
  • NEW: Red Hat npm worm dependency advisory check. GitHub repo scans can now flag package manifests and lockfiles that resolve known compromised @redhat-cloud-services npm versions associated with the credential-stealing worm campaign, reporting dependency evidence without executing install scripts or claiming credential theft.
  • NEW: DICOM executable preamble check. GitHub repo scans can now flag committed DICOM files whose Part 10 preamble carries executable-file evidence, reporting static file evidence without executing the file or claiming production compromise.
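The Kubernetes externalIPs entry above is a pure source/config check. The following added example, not FixVibe's code, shows that check over parsed manifest objects: it walks a list of documents, keeps only `Service` kinds, and reports those whose `spec.externalIPs` is a non-empty list, without touching a cluster. The sample manifests are constructed and loaded with `json.loads`; a repo scanner would feed the documents from `yaml.safe_load_all` to the same function.

```python
"""Added example: flag Kubernetes Service manifests that set spec.externalIPs (not FixVibe's code)."""
import json


def external_ips_findings(manifests):
    """Return one finding per Service whose spec.externalIPs is a non-empty list.
    Source/config evidence only: no cluster access, no RBAC checks, no traffic."""
    findings = []
    for doc in manifests:
        if not isinstance(doc, dict) or doc.get("kind") != "Service":
            continue
        spec = doc.get("spec") or {}
        ips = spec.get("externalIPs") or []
        if isinstance(ips, list) and ips:
            meta = doc.get("metadata") or {}
            findings.append({
                "service": f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}",
                "externalIPs": list(ips),
                # CVE-2020-8554 context: a Service with externalIPs can attract traffic
                # destined for those IPs; gate the field with an admission policy.
                "note": "non-empty spec.externalIPs (CVE-2020-8554 hardening context)",
            })
    return findings


# Constructed manifests: one Service with externalIPs, one without, one unrelated Deployment.
SAMPLE_MANIFESTS = json.loads("""[
 {"apiVersion": "v1", "kind": "Service",
  "metadata": {"name": "web", "namespace": "prod"},
  "spec": {"type": "ClusterIP", "externalIPs": ["203.0.113.10"], "ports": [{"port": 80}]}},
 {"apiVersion": "v1", "kind": "Service",
  "metadata": {"name": "api"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 8080}]}},
 {"apiVersion": "apps/v1", "kind": "Deployment",
  "metadata": {"name": "web"}, "spec": {"replicas": 1}}
]""")

if __name__ == "__main__":
    for finding in external_ips_findings(SAMPLE_MANIFESTS):
        print(finding)
```

The second Service, which exposes its port through an ordinary ClusterIP without `externalIPs`, is the hardened form and produces no finding.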

June 10, 2026

  • NEW: Mbed TLS CVE-2023-45199 repo advisory check. GitHub repo scans can now flag source and build metadata that identify Mbed TLS 3.2.x through 3.4.x, reporting version-based advisory evidence without sending TLS handshake payloads or claiming live memory corruption.
  • NEW: Rockwell MicroLogix 1100 advisory fingerprint. Passive scans can now flag strong public HTTP evidence of a Rockwell Automation MicroLogix 1100 controller associated with CVE-2021-33012, reporting advisory context without sending industrial protocol commands or claiming denial-of-service behavior.
  • NEW: Moxa NPort firmware advisory check. Verified active scans can now flag public HTTP model and firmware-version evidence for Moxa NPort devices associated with CVE-2016-9363, reporting version-based advisory context without sending crafted packets, querying SNMP, testing serial-device services, or claiming exploit confirmation.
  • NEW: Rockwell MicroLogix 1100 authentication-attempt advisory check. Verified active scans can now flag public HTTP model and firmware evidence for MicroLogix 1100 controllers associated with CVE-2017-7898, reporting version-based advisory context without attempting logins, brute force, or industrial protocol probes.
  • NEW: Log4j 1.2 JDBCAppender advisory check. GitHub repo scans can now flag Log4j 1.2 dependency evidence paired with JDBCAppender SQL configuration for CVE-2022-23305 / GHSA-65fg-84f6-3jq3, reporting repository/config evidence without executing SQL, writing log events, or claiming runtime database compromise.
  • NEW: Log4j 1.2 JMSAppender advisory check. GitHub repo scans can now flag Log4j 1.2 dependency evidence paired with JMSAppender configuration for CVE-2021-4104 / GHSA-fp5r-v3w9-4333, reporting repository/config evidence without contacting JNDI or JMS services or claiming runtime exploit confirmation.
  • NEW: Microsoft ATL MS09-035 source advisory check. GitHub repo scans can now flag legacy Visual C++ ATL project metadata paired with ATL source usage associated with CVE-2009-0901/CVE-2009-2493/CVE-2009-2495, reporting source/build advisory evidence without inspecting build machines, sending malformed streams, probing information disclosure, or claiming live code-execution confirmation.
  • NEW: Langflow CVE-2026-33017 version advisory check. Verified active scans can now flag public Langflow version evidence for CVE-2026-33017 / GHSA-vwmf-pq79-vjvx as a version-based advisory, without submitting flow data, building flows, executing code, or claiming public-flow exploit confirmation.
  • NEW: Keras CVE-2025-1550 dependency advisory check. GitHub repo scans can now flag Python dependency files that pin or allow Keras versions affected by CVE-2025-1550 / GHSA-48g7-3x6r-xfhp, reporting version-based advisory evidence without loading model archives, generating payloads, or claiming runtime code-execution confirmation.
  • NEW: TLS RC4 negotiation advisory check. Verified active scans can now flag TLS endpoints that still select RC4 cipher suites associated with CVE-2015-2808, reporting confirmed RC4 support without capturing traffic or claiming plaintext recovery.
  • NEW: TLS Sweet32 DES/3DES advisory check. Verified active scans can now flag TLS endpoints that still select DES or 3DES 64-bit block cipher suites associated with CVE-2016-2183, reporting confirmed cipher negotiation without capturing traffic or claiming plaintext recovery.
  • NEW: Schneider PowerLogic EGX advisory check. Verified active scans can now flag public PowerLogic EGX100 firmware or EGX300 product evidence associated with CVE-2021-22765/CVE-2021-22767/CVE-2021-22768, reporting product/firmware advisory context without sending crafted HTTP packets, querying industrial protocols, crash-testing gateways, or claiming exploit confirmation.

May 27, 2026

  • NEW: Arcserve UDP CVE-2025-34523 version advisory check. Verified active scans can now flag public Arcserve UDP version evidence for CVE-2025-34523 as a version-based advisory, without sending crafted heap-overflow input, crash-testing the service, authenticating to the console, or claiming command execution.
  • NEW: Liferay Portal CVE-2010-5327 version advisory check. Verified active scans can now flag public Liferay Portal version evidence for CVE-2010-5327 as a version-based advisory, without authenticating, editing templates, sending template payloads, or claiming command execution.
  • NEW: ws excessive-header DoS dependency advisory check. GitHub repo scans can now flag npm manifests and lockfiles that resolve ws versions affected by CVE-2024-37890 / GHSA-3h5v-q93c-6h6q, reporting version-based advisory evidence without sending denial-of-service traffic or claiming runtime WebSocket exposure.

May 25, 2026

  • IMPROVED: SPIP version advisory wording. Passive SPIP version findings now distinguish version-fingerprint advisory evidence for CVE-2016-7980 and CVE-2016-7998 from runtime exploit proof, without active CSRF, local-file validation, or template-execution reproduction.
  • FIXED: Active scan reliability and SSTI accuracy fix. Active scans now safely store response-derived evidence that contains unsupported control characters, and SSTI reporting requires stronger target-specific template-evaluation evidence instead of common page or static-asset content.

May 24, 2026

  • NEW: WebdriverIO BrowserStack service dependency advisory check. GitHub repo scans can now flag npm manifests and lockfiles that resolve @wdio/browserstack-service versions affected by CVE-2026-25244 / GHSA-5c46-x3qw-q7j7, reporting version-based advisory evidence without running WebdriverIO, starting BrowserStack Local, or using command payloads.
  • NEW: WordPress REST API user-exposure check. Verified active scans can now report WordPress REST users endpoints that return public user slugs to unauthenticated clients, with medium-severity exposure wording that does not claim WordPress version proof or account compromise.
  • NEW: Django CSRF dependency advisory check. GitHub repo scans can now flag Python dependency files that pin or allow Django versions affected by CVE-2011-0696 / GHSA-5j2h-h5hg-3wf8, reporting version-based advisory evidence without running Django, probing state-changing routes, or claiming runtime CSRF exploitability.
  • NEW: TMT Lockcell SQL injection active check. Verified active scans can now report TMT Lockcell login surfaces whose responses change consistently with CVE-2023-3047, using a bounded login-response comparison that does not run timing delays, follow authenticated redirects, or extract database data.
  • NEW: OpenSSL PowerPC Poly1305 advisory check. GitHub repo scans can now correlate affected OpenSSL 3.x version evidence with PowerPC build/deployment evidence for CVE-2023-6129, reporting version-and-architecture advisory evidence without reproducing state corruption or denial-of-service behavior.

May 23, 2026

  • NEW: electerm unauthenticated command-execution advisory check. GitHub repo scans can now flag npm manifests and lockfiles that pin or allow electerm versions affected by CVE-2020-23256 / GHSA-x73w-g8hx-v7rp, reporting the result as a version-based advisory without probing or starting the electerm service.
  • NEW: SaltStack Salt dependency advisory check. GitHub repo scans can now flag Python dependency evidence for Salt versions affected by CVE-2017-12791 / GHSA-xxvj-8g5m-4qgw, reporting it as a version-based advisory without probing Salt master handshakes.
  • NEW: rclone RC fsinfo exposure check. Verified active scans can now confirm unauthenticated rclone Remote Control fsinfo exposure associated with CVE-2026-41179 / GHSA-jfwf-28xr-xw6q, using limited metadata evidence and without executing commands.
  • NEW: Apache Tomcat session-persistence advisory check. GitHub repo scans can now flag Maven and Gradle build files that resolve Tomcat versions affected by CVE-2020-9484 / GHSA-344f-f5vg-2jfj, and can strengthen the finding when repository configuration also shows FileStore-backed PersistentManager session persistence.
  • NEW: Note Mark dependency advisory check. GitHub repo scans can now flag Go manifests that resolve Note Mark backend versions affected by CVE-2026-44522 / GHSA-g49p-4qxj-88v3, reporting the result as a version-based advisory without uploading files, triggering exports, or claiming live RCE confirmation.

May 20, 2026

  • NEW: Gogs dependency advisory check. GitHub repo scans can now flag pinned Gogs versions affected by CVE-2018-20303 / GHSA-9hxg-w7qf-hh93 with version-based advisory evidence rather than path-traversal confirmation.
  • NEW: deephas prototype-pollution advisory check. GitHub repo scans can now flag npm manifests and lockfiles that resolve deephas versions affected by CVE-2020-28271 / GHSA-4fr2-j4g9-mppf with version-based advisory evidence rather than runtime prototype-pollution confirmation.
  • NEW: OpenSSL TLSv1.3 session advisory check. GitHub repo scans can now correlate affected OpenSSL version evidence with TLSv1.3 session configuration evidence for CVE-2024-2511, reporting medium-confidence source/config evidence rather than live denial-of-service confirmation.

19 May 2026

  • IMPROVED electerm Linux install-script coverage. The electerm dependency advisory now also covers CVE-2026-41501 / GHSA-8x35-hph8-37hq alongside the existing macOS install-script advisory, and keeps the finding's scope limited to npm manifest and lockfile evidence rather than exploit confirmation.
  • NEW GeniXCMS author-route SQL injection check. Verified active scans can now confirm CVE-2017-5517-style database error behaviour on GeniXCMS author routes with target-specific evidence, without data extraction or destructive SQL probes.
  • NEW Netmaker DNS key authorization-bypass check. Verified active scans can now confirm CVE-2023-32077 exposure on Netmaker deployments when the read-only DNS API rejects the baseline request but returns DNS record evidence through the legacy DNS authorization path, without creating, modifying or deleting records.
  • NEW openDCIM source command-injection check. GitHub repo scans can now flag the CVE-2026-28517 source/config pattern in report_network_map.php with source-match evidence, confidence and runtime-exploit limits, rather than active command execution.
  • NEW SPIP valider_xml XSS check. Verified active scans can now confirm CVE-2016-7981-style unescaped URL reflection on SPIP deployments with target-specific HTML-context evidence, without running JavaScript in a browser.
  • NEW Apache Tomcat Coyote dependency advisory check. GitHub repo scans can now flag Maven and Gradle build files that resolve Tomcat Coyote or embedded core versions affected by CVE-2025-48989 / GHSA-gqp3-2cvr-x8m3 with version-based advisory evidence rather than runtime denial-of-service confirmation.
  • NEW veraPDF XSLT dependency advisory check. GitHub repo scans can now flag Maven and Gradle build files that resolve veraPDF artifacts affected by CVE-2024-28109 / GHSA-qxqf-2mfx-x8jw with version-based advisory evidence rather than XSLT execution confirmation.

18 May 2026

  • NEW electerm dependency advisory check. GitHub repo scans can flag npm manifests and lockfiles that pin or allow electerm versions affected by CVE-2026-41500 / GHSA-wxw2-rwmh-vr8f and CVE-2026-41501 / GHSA-8x35-hph8-37hq with version-based advisory evidence rather than exploitation confirmation.
  • NEW OpenCms dependency advisory check. GitHub repo scans can now flag Maven pom.xml files that pin or resolve org.opencms:opencms-core versions affected by CVE-2023-42344 / GHSA-rcc6-6q2f-m2cw with version-based advisory evidence rather than XXE exploitation confirmation.
  • NEW MagicMirror /cors SSRF check. Verified active scans can now confirm CVE-2026-42281 exposure on MagicMirror instances when the unauthenticated /cors endpoint fetches a FixVibe-controlled external callback, without probing internal services.

17 May 2026

  • NEW FUXA hardcoded JWT secret check. Verified active scans can now confirm CVE-2025-69971 exposure on FUXA instances that still rely on the vulnerable fallback JWT signing configuration.
  • NEW CKAN DataStore SQL exposure check. Verified active scans can now confirm unauthenticated CKAN DataStore SQL access associated with CVE-2026-42031 and point teams to patched CKAN release lines or a safer DataStore configuration.

16 May 2026

  • NEW PDF.js dependency advisory check. GitHub repo scans can now flag npm manifests and lockfiles that pin or allow pdfjs-dist versions affected by CVE-2024-4367 / GHSA-wgrm-67xf-hhpq.
  • NEW Active scans via REST API and MCP. Active scans can now be triggered over REST and MCP against verified domains that have been explicitly authorized from the dashboard. Authorization can be revoked at any time.
  • NEW Safer authorization levels for active scans. Domain authorization now separates the safer automated active checks from deeper active tests, so teams can automate the right level of verification for each domain.
  • NEW First-use webhook for API/MCP active scans. A webhook can notify teams the first time an API/MCP-triggered active scan runs on a newly authorized domain.
  • IMPROVED Improved Referrer-Policy findings. Missing or weak Referrer-Policy results now separate URL-referrer leakage from broad information exposure, show document-response evidence, and include generic plus static-host remediation guidance.
  • IMPROVED Improved Permissions-Policy findings. Missing or weak Permissions-Policy results now show feature-level evidence, separate broad feature allowlists from missing hardening, and include generic plus static-host remediation guidance for common hosts, proxies, and app servers.
  • IMPROVED Improved clickjacking header prompts. Missing X-Frame-Options findings now point agents to CSP frame-ancestors as the modern protection, add Vercel/static SPA header guidance, and verify x-frame-options with CSP.
  • IMPROVED CSP header evidence and fix prompts improved. Missing-CSP reports now include clearer hosting and response context along with safer, framework-aware remediation guidance.
  • FIXED Vercel path-probe false positives reduced. FixVibe now requires stronger app-specific evidence before reporting exposed framework artifacts on deployments that rewrite unknown routes to the app shell.
  • FIXED Compliance findings no longer carry misleading CWE labels. Previously the legal-compliance check tagged the "missing privacy policy" and "missing terms of use" findings with CWE-359 (PII exposure), which did not reflect the actual gap. These findings are now published without a CWE: they are compliance issues, not classifiable security weaknesses.

15 May 2026

  • NEW Additional research-informed checks. FixVibe added further coverage based on the latest vulnerability research and mapped duplicate topics to the existing scanner modules where coverage already existed.
  • NEW Repo secret-leak check. GitHub repo scans can now flag hardcoded provider keys and secret-like high-entropy values committed to source; evidence is masked and the standard FixVibe rotation prompt is included.
  • NEW Vercel deployment protection check. Passive scans can now flag public *.vercel.app generated deployment URLs that respond without Vercel Deployment Protection, while the existing header checks continue to audit CSP, HSTS and browser hardening.

14 May 2026

  • NEW LiteLLM dependency advisory check. GitHub repo scans can now flag Python dependency files that pin or allow LiteLLM versions affected by CVE-2026-42208 / GHSA-r75f-5x8p-qvmc.
  • NEW LibreNMS dependency advisory check. GitHub repo scans can now flag Composer manifests that pin or allow LibreNMS versions affected by CVE-2024-51092 / GHSA-x645-6pf9-xwxw.
  • IMPROVED Firebase rules detection improved. BaaS scans now detect more Firebase app shapes and use read-only evidence to identify risky public data exposure.

13 May 2026

  • NEW Repo Supabase RLS migration check. GitHub repo scans can now flag Supabase SQL migrations that create public tables without a matching ALTER TABLE ... ENABLE ROW LEVEL SECURITY statement.
  • NEW Supabase Storage posture check. Passive scans can now inspect public Supabase Storage buckets and anonymous object-list exposure alongside the existing RLS and key checks.
  • NEW AI-generated code guardrail check. GitHub repo scans can now flag missing security automation around code scanning, secret scanning, dependency updates and AI-agent instructions.
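The RLS migration check above, as an added example rather than FixVibe's own code: a small Python detector that strips SQL comments, collects every CREATE TABLE in the public schema (a bare, unqualified name is assumed to resolve to public, which is the default Supabase search_path), and reports any table that has no matching ALTER TABLE ... ENABLE ROW LEVEL SECURITY in the same migration. The sample migration and its table names are constructed for the example.

```python
from __future__ import annotations
import re

# Constructed sample migration (not from the page or from FixVibe): three tables
# land in the public schema, but only profiles enables row level security.
SAMPLE_MIGRATION = """
create table public.profiles (
  id uuid primary key references auth.users(id),
  email text
);
alter table public.profiles enable row level security;

CREATE TABLE IF NOT EXISTS "public"."orders" (
  id bigint generated always as identity primary key,
  user_id uuid
);

-- unqualified names resolve to public on a default Supabase search_path
create table audit_log (id bigserial primary key, payload jsonb);

create table private.secrets (id int);  /* not exposed through the public API */
"""

# Table reference: optional (possibly quoted) schema, then a (possibly quoted) name.
_TABLE_REF = (
    r'"?(?P<schema>[A-Za-z_]\w*)"?\s*\.\s*"?(?P<name>[A-Za-z_]\w*)"?'
    r'|"?(?P<bare>[A-Za-z_]\w*)"?'
)
_CREATE_TABLE = re.compile(
    r"\bcreate\s+(?:unlogged\s+)?table\s+(?:if\s+not\s+exists\s+)?(?:" + _TABLE_REF + r")",
    re.IGNORECASE,
)
_ENABLE_RLS = re.compile(
    r"\balter\s+table\s+(?:if\s+exists\s+)?(?:only\s+)?(?:" + _TABLE_REF + r")"
    r"\s+enable\s+row\s+level\s+security\b",
    re.IGNORECASE,
)


def _strip_sql_comments(sql: str) -> str:
    """Remove block and line comments so commented-out statements are not counted."""
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.DOTALL)
    return re.sub(r"--[^\n]*", " ", sql)


def _table_key(m: re.Match) -> tuple[str, str]:
    """Normalise a match to (schema, table); bare names are assumed to be public."""
    if m.group("bare"):
        return ("public", m.group("bare").lower())
    return (m.group("schema").lower(), m.group("name").lower())


def public_tables_without_rls(sql: str) -> list[str]:
    """Tables created in public with no ENABLE ROW LEVEL SECURITY in the same SQL."""
    sql = _strip_sql_comments(sql)
    created = [_table_key(m) for m in _CREATE_TABLE.finditer(sql)]
    enabled = {_table_key(m) for m in _ENABLE_RLS.finditer(sql)}
    return [name for schema, name in created
            if schema == "public" and (schema, name) not in enabled]


if __name__ == "__main__":
    for table in public_tables_without_rls(SAMPLE_MIGRATION):
        print(f"public.{table}: created without row level security")
```

A regex pass is enough for the common Supabase migration shapes (schema-qualified, quoted and bare names, IF NOT EXISTS); a migration that enables RLS in a later file would need the scan to concatenate the migration directory in order before calling `public_tables_without_rls`.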

12 May 2026

  • NEW Repo web-app risk checklist. GitHub repo scans can now flag high-confidence OWASP-style code risks such as raw SQL interpolation, unsafe HTML sinks, credentialed wildcard CORS, disabled TLS verification and weak JWT secret fallbacks.
  • NEW Next.js middleware-bypass check. Active scans against verified domains can now confirm CVE-2025-29927 exposure on middleware-protected routes before reporting, and reports include the standard FixVibe AI fix prompt for remediation.

9 May 2026

  • SECURITY Cross-origin scope hardening. Active scans and client-asset checks now stay within the authorized target scope and prevent customer-supplied credentials from being carried across cross-origin redirects.
  • FIXED Supabase RLS check is now strictly read-only. Supabase posture checks now eliminate write attempts and focus on safe exposure signals. Verified-domain active testing remains the boundary for deeper verification.
  • IMPROVED Security-header findings now apply only to root HTML responses. Missing CSP, Permissions-Policy, X-Frame-Options or Referrer-Policy on a 204, JSON API, file download or 404 no longer produces a finding. HSTS and X-Content-Type-Options continue to be graded on all responses.
  • IMPROVED Auth-flow and rate-limit checks now require stronger evidence. FixVibe now reports these issues only when application behaviour clearly supports the finding, reducing noise from generic error pages and unsupported methods.
  • IMPROVED File-upload findings tier by exploitability evidence. File-upload reports now separate low-confidence acceptance signals from stronger evidence of risky serving behaviour, reducing over-severity on harmless upload handlers.
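The applicability rule in the security-header entry above (document-only findings versus headers graded on every response), combined with the 16 May clickjacking note that a CSP frame-ancestors directive is the modern framing control, as an added Python example that is not FixVibe's code. It assumes a minimal `Response` model, treats any non-2xx status the way the entry treats a 404, and uses constructed sample responses rather than captures from a real host.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Findings that only make sense on a rendered root HTML document
DOCUMENT_ONLY_HEADERS = (
    "content-security-policy",
    "permissions-policy",
    "x-frame-options",
    "referrer-policy",
)
# Findings that are graded on every response, whatever its type
ALL_RESPONSE_HEADERS = ("strict-transport-security", "x-content-type-options")


@dataclass
class Response:
    """Minimal HTTP response model (constructed for this example)."""
    status: int
    headers: dict[str, str] = field(default_factory=dict)

    def header(self, name: str) -> str | None:
        # HTTP header names are case-insensitive
        for key, value in self.headers.items():
            if key.lower() == name.lower():
                return value
        return None


def is_root_html_document(resp: Response) -> bool:
    """True only for a successful, rendered HTML document.

    Assumption: anything that is not a 2xx document (404 pages, 204 No Content,
    JSON API bodies, file downloads) is out of scope for document-only headers."""
    if not (200 <= resp.status < 300) or resp.status == 204:
        return False
    content_type = (resp.header("content-type") or "").split(";")[0].strip().lower()
    if content_type != "text/html":
        return False
    disposition = (resp.header("content-disposition") or "").lower()
    return not disposition.startswith("attachment")


def csp_has_frame_ancestors(csp: str | None) -> bool:
    """A CSP carrying a frame-ancestors directive already controls framing."""
    if not csp:
        return False
    return any(d.strip().lower().startswith("frame-ancestors") for d in csp.split(";"))


def missing_header_findings(resp: Response) -> list[str]:
    """Header names whose absence should be reported for this response."""
    findings = [h for h in ALL_RESPONSE_HEADERS if resp.header(h) is None]
    if not is_root_html_document(resp):
        return findings
    for name in DOCUMENT_ONLY_HEADERS:
        if resp.header(name) is not None:
            continue
        if name == "x-frame-options" and csp_has_frame_ancestors(
                resp.header("content-security-policy")):
            continue  # frame-ancestors is the modern control; a missing XFO is not a gap here
        findings.append(name)
    return findings


# Constructed sample responses (not captured from any real host)
HTML_PAGE = Response(200, {
    "Content-Type": "text/html; charset=utf-8",
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
})
JSON_API = Response(200, {"Content-Type": "application/json"})
NO_CONTENT = Response(204, {})
DOWNLOAD = Response(200, {"Content-Type": "application/pdf",
                          "Content-Disposition": "attachment; filename=report.pdf"})
NOT_FOUND = Response(404, {"Content-Type": "text/html"})

if __name__ == "__main__":
    for label, resp in [("html", HTML_PAGE), ("json", JSON_API), ("204", NO_CONTENT),
                        ("download", DOWNLOAD), ("404", NOT_FOUND)]:
        print(label, missing_header_findings(resp))
```

The HTML page is reported for Permissions-Policy, Referrer-Policy and X-Content-Type-Options only: its CSP already restricts framing, so no X-Frame-Options finding is raised, while the JSON, 204, download and 404 responses are graded solely on HSTS and X-Content-Type-Options.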

7 May 2026

  • FIXED Threat-intel listing accuracy improved. FixVibe now separates real blocklist evidence from resolver diagnostics, so threat-intelligence findings no longer over-report infrastructure-side lookup responses.
  • NEW GitHub repo scans. Connect a repo and FixVibe checks the source for leaked Supabase service keys, Firebase admin tokens, risky workflow files and outdated dependencies without ever loading the deployed site. See Scan types.
  • NEW SAST checks for risky JavaScript. Repo scans now flag new Function() and setTimeout("string"); both are equivalent to eval() when they receive untrusted input.
  • FIXED False "exposed file" findings on Vercel / Cloudflare sites. Bare 403 Forbidden responses are no longer reported as "file exists"; most edge providers return 403 for suspicious-looking paths whether or not the file is there. A positive HTTP signal is now required before flagging.
  • FIXED Repo-code false positives reduced. Repo scans now avoid flagging security terms in comments, docs, test helpers and, for several high-signal code checks, explicitly server-only contexts.
  • FIXED A Supabase anon key in localStorage is no longer reported as a JWT-in-storage finding; the anon key is a client token designed for public use. Real service-role tokens in browser storage are still critical, now with a clearer title.
  • FIXED CSP weakness detection improved. Content-Security-Policy checks now catch more permissive source policies and focus evidence and remediation on the effective browser policy.
  • FIXED Reflected-XSS check tightened. Active scans now require stronger reflection evidence before reporting executable-context risk, reducing false positives from unrelated markup on the page.
  • FIXED Domain verification now handles apex ↔ www redirects correctly and is clearer about which value goes in the TXT-record Host field.
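The eval()-equivalent detection from the SAST entry above, as an added Python example rather than FixVibe's implementation. It blanks comment text and string contents first, so a mention of new Function() inside a comment or a string (the repo-code false positive described two entries later) is not flagged, and then reports the line number of each real call site. The JavaScript sample is constructed; regex literals are not tracked, which is a stated limitation of this small scanner.

```python
import re

# Constructed JavaScript sample (not from any real project). Only lines 3 and 4
# contain a real eval() equivalent; the rest are comments, callbacks or strings.
SAMPLE_JS = """\
// new Function("return 1") in a line comment must not be flagged
const handler = () => setTimeout(() => refresh(), 1000); // callback form is fine
const compiled = new Function("data", userSupplied);
const legacy = setTimeout("render('" + name + "')", 0);
/* setTimeout("x()", 1) inside a block comment is ignored */
const note = "call new Function(...) only with trusted code";
"""

_PATTERNS = (
    ("new-function", re.compile(r"\bnew\s+Function\s*\(")),
    # setTimeout whose first argument opens a string literal (", ' or `)
    ("settimeout-string", re.compile(r"\bsetTimeout\s*\(\s*['\"`]")),
)


def blank_comments_and_strings(src: str) -> str:
    """Replace comment text and string-literal contents with spaces, keeping the
    string delimiters and every newline so line numbers still line up.
    Limitation: regex literals are not tracked, so a quote inside /.../ can
    confuse the string state."""
    out, i, n, quote = [], 0, len(src), None
    while i < n:
        c = src[i]
        if quote:
            if c == "\\" and i + 1 < n:      # escaped character inside a string
                out.append("  "); i += 2; continue
            if c == quote:
                quote = None; out.append(c)
            else:
                out.append("\n" if c == "\n" else " ")
            i += 1
            continue
        if c in "'\"`":
            quote = c; out.append(c); i += 1; continue
        if src.startswith("//", i):
            j = src.find("\n", i)
            j = n if j == -1 else j
            out.append(" " * (j - i)); i = j; continue
        if src.startswith("/*", i):
            j = src.find("*/", i + 2)
            j = n if j == -1 else j + 2
            out.append("".join("\n" if ch == "\n" else " " for ch in src[i:j])); i = j; continue
        out.append(c); i += 1
    return "".join(out)


def find_eval_equivalents(src: str) -> list:
    """Return (line_number, pattern_label) for each eval()-equivalent call site."""
    code = blank_comments_and_strings(src)
    hits = []
    for line_no, line in enumerate(code.splitlines(), start=1):
        for label, pattern in _PATTERNS:
            if pattern.search(line):
                hits.append((line_no, label))
    return hits


if __name__ == "__main__":
    for line_no, label in find_eval_equivalents(SAMPLE_JS):
        print(f"line {line_no}: {label}")
```

Blanking string contents while keeping the delimiters is what lets the second pattern still see the opening quote of `setTimeout("...")` yet ignore `new Function(` when it appears only as text inside a string.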

Format

Each entry is tagged so you can skim quickly:

  • NEW A new check, surface or feature.
  • IMPROVED Existing behaviour got better: more accurate, faster, clearer.
  • FIXED A bug we shipped and then fixed.
  • SECURITY Hardening, vulnerability fixes or compliance changes.

Seen something break that is not recorded here? Email support@fixvibe.app.
