misskey

A critical vulnerability in Fediverse software (Mastodon, Misskey, and forks) related to Linked Data Signatures was discovered by Anthropic via Doyensec. The vulnerability allows property reordering via JSON-LD expansion, enabling attackers to exploit signed objects.