Signal
Multiple critical vulnerabilities found in Dalfox server mode
Published 2026-05-12 15:07 UTC. Updated 2026-05-12 15:08 UTC.
github
cve, exploits, security_tooling, incident_response
Evidence trail (top sources)
Top sources (1 domain). Domains are deduped. Counts indicate coverage, not truth. 1 top source shown.
limited source diversity in top sources
Overview
Dalfox server mode is affected by several high-severity vulnerabilities including unauthenticated remote code execution, arbitrary file read, file creation/append, and remote denial of service.
Entities
Dalfox
Score total
0.93
Momentum 24h
4
Posts
4
Origins
1
Source types
1
Duplicate ratio
0%
Why now
- The vulnerabilities were disclosed recently with assigned CVEs and GitHub advisories.
- Dalfox is a widely used security tool, increasing the risk of exploitation.
- Prompt awareness and mitigation reduce potential damage from active exploits.
Why it matters
- These vulnerabilities allow attackers to execute code remotely and manipulate files without authentication.
- Exploitation can lead to data exfiltration, system compromise, and denial of service.
- Users of Dalfox server mode must patch immediately to prevent attacks.
LLM analysis
Topic mix: low. Promo risk: low. Source quality: high.
Recurring claims
- Dalfox server mode has an unauthenticated remote code execution vulnerability via 'found-action'
- Dalfox server mode allows unauthenticated arbitrary file read with out-of-band exfiltration via 'custom-payload-file'
- Dalfox server mode allows unauthenticated arbitrary file create/append via 'output' option
- Dalfox server mode is vulnerable to unauthenticated remote denial of service via closed-channel write in 'ParameterAnalysis'
How sources frame it
- Github_advisories: neutral
All evidence
Dalfox has an Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode)
github_advisories · github.com · 2026-05-12 15:08 UTC
Top publishers (this list)
- github_advisories (1)
Top origin domains (this list)
- github.com (1)