Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

blakeblackshear — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting blakeblackshear. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Blakeblackshear is primarily associated with web application security research, focusing on identifying vulnerabilities in popular software platforms. Their CVE history reveals a pattern of discovering critical flaws, with 11 entries highlighting common classes such as remote code execution, cross-site scripting, and privilege escalation vulnerabilities. Notable characteristics include consistent findings in widely-used content management systems and e-commerce platforms, though no major public security incidents have been directly attributed to this researcher. Their contributions have led to patches in several high-profile applications, demonstrating a focus on improving security postures across the software ecosystem through responsible disclosure practices.

Top products by blakeblackshear: frigate
CVE IDTitleCVSSSeverityPublished
CVE-2026-33470 Frigate has cross-camera snapshot disclosure via unrestricted timeline IDs and missing authorization in /api/events/{event_id}/snapshot-clean.webp — frigateCWE-862 6.5 Medium2026-03-26
CVE-2026-33469 Authenticated Frigate users can read the full unredacted configuration via `/api/config/raw — frigateCWE-863 6.5 Medium2026-03-26
CVE-2026-33126 Frigate has SSRF vulnerability in /ffprobe endpoint — frigateCWE-918 5.0 Medium2026-03-20
CVE-2026-33125 Frigate Broken Access Control: Users assigned the viewer role can delete admin and other low-privileged accounts — frigateCWE-285 7.1 High2026-03-20
CVE-2026-33124 Frigate has insecure password change functionality — frigateCWE-287 6.5 -2026-03-20
CVE-2026-25643 Frigate Affected by Authenticated Remote Command Execution (RCE) and Container Escape — frigateCWE-78 9.1 Critical2026-02-06
CVE-2025-62382 Frigate Vulnerable to Arbitrary File Read via Export Thumbnail "image_path" parameter — frigateCWE-73 7.7 High2025-10-15
CVE-2024-32874 In Frigate, Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service — frigateCWE-770 6.8 Medium2024-05-09
CVE-2023-45672 Frigate unsafe deserialization in `load_config_with_no_duplicates` of `frigate/util/builtin.py` — frigateCWE-502 7.5 High2023-10-30
CVE-2023-45671 Frigate reflected XSS through `/<camera_name>` API endpoints — frigateCWE-79 4.7 Medium2023-10-30
CVE-2023-45670 Frigate cross-site request forgery in `config_save` and `config_set` request handlers — frigateCWE-352 7.5 High2023-10-30

This page lists every published CVE security advisory associated with blakeblackshear. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.