1. CombineHub & SignalRHub Flaw: Malicious Clients Can Falsely Acknowledge Any User's Messages
A critical security vulnerability in the CombineHub and SignalRHub components allows any connected client to falsely acknowledge and suppress messages intended for other users. The flaw stems from the `AcknowledgeMessage` method, which accepts only a `requestId` without validating the caller's identity against the inte...