Vulnerability in Blue-b Alienbin

CVE-2026-31827

Alienbin is an anonymous code and text sharing web service. In 1.0.0 and earlier, the /save endpoint in server.js drops and recreates the MongoDB TTL index on the entire post collection for every new paste submission. When User B submits a…

Vulnerability class: Race Condition

EPSS: 0.000 (15.4th percentile) — read the EPSS interpretation.

Affected products

Blue-b Alienbin — versions <= 1.0.0

Weakness classification (CWE)

CWE-362 — Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)

References

https://github.com/Blue-B/Alienbin/security/advisories/GHSA-hqvr-6v89-gwff (x_refsource_CONFIRM)