46 matches found
CVE-2026-33126
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33125
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
CVE-2026-33126
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33126 Frigate has SSRF vulnerability in /ffprobe endpoint
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33126 Frigate has SSRF vulnerability in /ffprobe endpoint
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33126
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33125
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
CVE-2026-33125 Frigate Broken Access Control: Users assigned the viewer role can delete admin and other low-privileged accounts
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
CVE-2026-33125
Frigate (NVR for IP cameras) has a broken access control vulnerability: in versions ≤0.16.2, users with the viewer role can delete admin and other low-privileged accounts via the API, potentially causing denial of service and compromising data integrity. The issue is addressed in version 0.16.3. ...
CVE-2026-33125 Frigate Broken Access Control: Users assigned the viewer role can delete admin and other low-privileged accounts
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
CVE-2026-33125
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
CVE-2026-33125 Frigate Broken Access Control: Users assigned the viewer role can delete admin and other low-privileged accounts
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
Frigate 代码问题漏洞
Frigate is a complete native NVR developed by Blake Blackshear, designed specifically for home assistants with AI object detection capabilities. Versions of Frigate prior to 0.16.3 have code vulnerabilities; these vulnerabilities stem from the /ffprobe endpoint accepting arbitrary user-controlled...
PT-2026-26667
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
📄 Frigate NVR 0.16.3 Remote Code Execution
This Metasploit module exploits a remote code execution vulnerability in Frigate NVR versions 0.16.3 and below by manipulating the application's configuration through the go2rtc stream settings. The module retrieves the current configuration, safely parses and modifies it to introduce a controlle...
📄 Frigate NVR 0.16.3 Remote Command Execution
This Python exploit targets a critical configuration manipulation vulnerability in Frigate NVR versions up to 0.16.3 both authenticated and unauthenticated paths. By injecting a malicious go2rtc stream and a fake camera entry, it triggers arbitrary command execution as the Frigate process during...
Fedora 43 : rust-lru (2026-cd2a3ce9e6)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cd2a3ce9e6 advisory. Update to version 0.16.3. Includes the fix for RUSTSEC-2026-0002. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora: Security Advisory (FEDORA-2026-e153bc6b6a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : rust-lru (2026-e153bc6b6a)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e153bc6b6a advisory. Update to version 0.16.3. Includes the fix for RUSTSEC-2026-0002. Tenable has extracted the preceding description block directly from the Fedora security...
EUVD-2022-44883
Malicious code in bioql PyPI...