New WAF Objects: [total: 6]
==================================
Signature:
    ID: '708513'
    Name: 'CVA N/A - RSC DoS - Imperva Research #2'
    Attack: Denial of Service - Blocking
    Attack Class: Denial of Service
    Dictionary: Recommended for Blocking for Web Applications
    Pattern: part="\"$W0", rgxp="(\x22\x24(Q|W)0{1,5}\x22\s*?,\s*?){3,7}"
    Policy: Recommended Signatures Policy for Web Applications
    Search In:
    - parameters

Signature:
    ID: '708512'
    Name: CVE N/A - RSC DoS - Imperva Research
    Attack: Denial of Service - Blocking
    Attack Class: Denial of Service
    Dictionary: Recommended for Blocking for Web Applications
    Pattern: part="\"$Q0", rgxp="(\x22\x24(Q|W)0{1,5}\x22\s*?,\s*?){3,7}"
    Policy: Recommended Signatures Policy for Web Applications
    Search In:
    - parameters

Signature:
    ID: '708511'
    Name: 'CVE-2025-40551: Solarwinds Web Help Desk - Deserialization Issue'
    Attack: Illegal Resource Access - Blocking
    Attack Class: Illegal Resource Access
    Dictionary: Recommended for Blocking for Web Applications
    Pattern: part="helpdesk/WebObjects/Helpdesk.woa/wo/", part="wopage.setVariableValueForName", part="javaClass", part="jndiPath"
    Policy: Recommended Signatures Policy for Web Applications
    Search In:
    - url-and-parameters

Policy:
  name: 'CVE-2025-54068: Livewire - RCE'
  id: '20000352'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: components.snapshot
      operation: includes
      value: __toString
    - part: url
      operation: includes
      value: /livewire/update
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST

Signature:
    ID: '708510'
    Name: 'CVE-2026-1281-CVE-2026-1340: Ivanti pre-auth RCE'
    Attack: Remote Command Execution - Blocking
    Attack Class: Remote Command Execution
    Dictionary: Recommended for Blocking for Web Applications
    Pattern: part="/mifs/c/appstore/fob/3/", rgxp="(?:^|[,?&])h=[^,&]*[;|'\"\`<>\[]"
    Policy: Recommended Signatures Policy for Web Applications
    Search In:
    - url

Policy:
  name: 'CVE-2026-22444: Apache Solr UNC - RCE'
  id: '20000351'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request Parameter Name
    operation: At Least One
    values:
    - configSet
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: action
      operation: includes
      value: create
    - part: url
      operation: includes
      value: /solr/admin/cores
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST