Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-26717 PoC — Richie 安全漏洞

Source
https://github.com/Rickidevs/CVE-2026-26717
Associated Vulnerability
Title:Richie 安全漏洞 (CVE-2026-26717)
Description:Richie是France Université Numérique开源的一个教育内容管理系统。 Richie存在安全漏洞,该漏洞源于sync_course_run_from_request函数中使用非恒定时间==运算符进行HMAC签名验证,可能导致远程攻击者通过测量响应时间差异伪造有效签名并绕过身份验证。
Description
I discovered a Timing Attack vulnerability in the Richie LMS, developed by France Université Numérique (OpenFUN), and it was assigned the ID CVE-2026-26717 by MITRE.
File Snapshot

 None
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.