305 matches found
CVE-2026-45155
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have 62^15 complexity by...
CVE-2026-45155 Nextcloud: Private circle can be added to another circle via API
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have 62^15 complexity by...
CVE-2026-45155
Nextcloud Server is affected by CVE-2026-45155 due to a missing API-level access check that allows adding unknown circle IDs to other circles. Affected versions are 32.0.0–32.0.6 and 33.0.0–33.0.0 (i.e., before 32.0.7 and before 33.0.1). The underlying issue could enable unauthorized membership t...
PT-2026-45538
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.12, and 32.0.0 to before 32.0.3, a missing check of a relation allowed authenticated users with access to any file comment, to read the content of all comments. It is recommended th...
CVE-2026-1933
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...
BIT-JOOMLA-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
An improper access check allows privilege escalation through the comusers batch task...
Linux Distros Unpatched Vulnerability : CVE-2026-46054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to acces...
CVE-2026-48899
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-35223
An improper access check allows unauthorized access to comconfig webservice endpoints...
EUVD-2026-31880
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48899
An improper access check allows privilege escalation through the comusers batch task...
EUVD-2026-31879
An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...
CVE-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
An improper access check allows unauthorized access to comconfig webservice endpoints...
EUVD-2026-31877
An improper access check allows unauthorized access to comconfig webservice endpoints...
CVE-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
An improper access check allows unauthorized access to comconfig webservice endpoints...
CVE-2026-48904
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
EUVD-2026-31875
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
An improper access check allows privilege escalation through the comusers batch task...
EUVD-2026-31873
An improper access check allows privilege escalation through the comusers batch task...