In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms. Mesh3l911/CVE-2021-3138 CVE-2021-3156 (2021-01-26) Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows pr...