Back to search
CVE-2026-28432
Published: Mar 9, 2026
Modified: Mar 10, 2026
PUBLISHED
Description
Misskey is an open source, federated social media platform. All Misskey servers prior to 2026.3.1 contain a vulnerability that allows bypassing HTTP signature verification. Although this is a vulnerability related to federation, it affects all servers regardless of whether federation is enabled or disabled. This vulnerability is fixed in 2026.3.1.
| Vendor | Product | Versions |
|---|---|---|
misskey-dev | misskey | affected < 2026.3.1 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now