A critical security vulnerability, identified as CVE-2026-50160, has been discovered in the self-hosted Hoppscotch backend. This vulnerability allows unauthenticated attackers to overwrite sensitive configuration values, including the JWT signing secret, which can ultimately lead to a complete administrative takeover of affected instances. The issue is documented in the GitHub advisory GHSA-j542-4rch-8hwf and impacts all versions […]
The post Critical Hoppscotch Vulnerability Lets Attackers Overwrite JWT_SECRET and Forge Admin Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: