Lucene search
K

304 matches found

CVE
CVE
added 2026/03/24 3:30 p.m.15 views

CVE-2026-33668

Vikunja vulnerability (CVE-2026-33668) affects versions prior to 2.2.1. When a user is disabled or locked, status checks are enforced only on local login and JWT refresh paths; API tokens, CalDAV basic auth, and OpenID Connect do not verify user status, allowing disabled/locked users to continue ...

8.1CVSS5.8AI score0.00453EPSS
Exploits1References6Affected Software1
CNVD
CNVD
added 2026/03/17 12:0 a.m.8 views

Unspecified Vulnerability in StudioCMS (CNVD-2026-18154)

StudioCMS is StudioCMS open source a content management system . A denial of service vulnerability exists in StudioCMS. The vulnerability stems from insufficient DELETE /studiocmsapi/dashboard/api-tokens endpoint validation, which can be exploited by an attacker to cause a denial of service...

7.1CVSS5.2AI score0.00452EPSS
Exploits2
CNVD
CNVD
added 2026/03/17 12:0 a.m.7 views

Unspecified Vulnerability in StudioCMS (CNVD-2026-18153)

StudioCMS is StudioCMS open source a content management system . StudioCMS has an authorization issue vulnerability that originates from improper authorization of the /studiocmsapi/dashboard/api-tokens endpoint, which can be exploited by an attacker to cause elevation of privilege...

8.8CVSS5.3AI score0.00564EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2026/03/11 7:36 a.m.4 views

CVE-2026-2917

The Happy Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.21.0 via the haduplicatething admin action handler. This is due to the canclone method only checking currentusercan'editposts' a general capability without...

5.4CVSS5.8AI score0.00193EPSS
Exploits0References7
NVD
NVD
added 2026/03/10 6:18 p.m.9 views

CVE-2026-30945

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...

7.1CVSS0.00452EPSS
Exploits2References3
NVD
NVD
added 2026/03/10 6:18 p.m.7 views

CVE-2026-30928

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...

8.7CVSS0.01657EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/10 6:16 p.m.7 views

EUVD-2026-10556

StudioCMS has Privilege Escalation via Insecure API Token Generation...

8.8CVSS5.8AI score0.00564EPSS
Exploits3References6
Snyk
Snyk
added 2026/03/10 6:16 p.m.2 views

Incorrect Authorization

Overview @withstudiocms/auth-kit is an Utilities for managing authentication Affected versions of this package are vulnerable to Incorrect Authorization through the api-tokens endpoint, which allows an authenticated user with editor privileges or higher to generate API tokens for any user by...

8.8CVSS5.8AI score0.00564EPSS
Exploits3References3
EUVD
EUVD
added 2026/03/10 6:16 p.m.6 views

EUVD-2026-10555

StudioCMS has Privilege Escalation via Insecure API Token Generation...

8.8CVSS5.8AI score0.00564EPSS
Exploits3References6
Vulnrichment
Vulnrichment
added 2026/03/10 4:52 p.m.3 views

CVE-2026-30945 StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...

7.1CVSS5.8AI score0.00452EPSS
Exploits2References3
OSV
OSV
added 2026/03/10 4:52 p.m.8 views

CVE-2026-30945 StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...

7.1CVSS5.8AI score0.00452EPSS
Exploits2References5
CVE
CVE
added 2026/03/10 4:52 p.m.27 views

CVE-2026-30945

CVE-2026-30945 : StudioCMS prior to 0.4.0 exposes an authorization flaw in DELETE /studiocms_api/dashboard/api-tokens. Any authenticated user with editor privileges or above can revoke API tokens for any user (including admin/owner) because tokenID and userID are taken directly from the request w...

7.1CVSS5.8AI score0.00452EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2026/03/10 4:48 p.m.33 views

CVE-2026-30944 StudioCMS Affected by Privilege Escalation via Insecure API Token Generation

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to...

8.8CVSS0.00564EPSS
Exploits3References3
CVE
CVE
added 2026/03/10 4:48 p.m.18 views

CVE-2026-30944

CVE-2026-30944 affects StudioCMS prior to 0.4.0. The vulnerability resides in the /studiocms_api/dashboard/api-tokens endpoint, where any authenticated user (at least Editor) can generate API tokens for any target user, bypassing authorization checks to create tokens on behalf of others. This lea...

8.8CVSS5.8AI score0.00564EPSS
Exploits3References3Affected Software1
EUVD
EUVD
added 2026/03/09 8:50 p.m.6 views

EUVD-2026-10357

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.5 and earlier, a path traversal vulnerability in the PWA Progressive Web App ZIP processing endpoint POST /api/pwa/process-zip allows an authenticated user with builder privileges to read arbitrary...

9.6CVSS5.9AI score0.00267EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/03/09 7:50 p.m.11 views

Glances Exposes Unauthenticated Configuration Secrets

Summary The /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all configured backend services including database passwords, API tokens, JWT...

8.7CVSS5.8AI score0.01657EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/25 7:29 p.m.8 views

Rucio WebUI has Stored Cross-site Scripting (XSS) in RSE Metadata

Summary A stored Cross-site Scripting XSS vulnerability was identified in the RSE metadata of the WebUI where attacker-controlled input is persisted by the backend and later rendered in the WebUI without proper output encoding. This allows arbitrary JavaScript execution in the context of the WebU...

6.1CVSS5.9AI score0.00287EPSS
Exploits1References7Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/20 7:22 a.m.4 views

CVE-2025-11754

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...

7.5CVSS5.3AI score0.00369EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 3:25 a.m.32 views

CVE-2025-11754 Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.1.2 - Missing Authorization to Sensitive Information Exposure

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'gdpr/v1/settings' REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to retrieve sensitive plugin...

7.5CVSS0.00369EPSS
Exploits0References3
OSV
OSV
added 2026/01/13 8:30 p.m.6 views

GHSA-JM5J-JFRM-HM23 hermes's raw options logging may disclose secrets passed in via subcommand options argument

Thanks, @thunze for reporting this! hermes subcommands take arbitrary options under the -O argument. These have been logged in raw form since https://github.com/softwarepub/hermes/commit/7f64f102e916c76dc44404b77ab2a80f5a4e59b1 in:...

5.9CVSS6.5AI score0.00154EPSS
Exploits0References5
Rows per page
Query Builder