SourceCodester Indian Invoicing System 访问控制错误漏洞

SourceCodester Indian Invoicing System is a SourceCodester open source Indian invoicing system. An Access Control Error vulnerability exists in SourceCodester Indian Invoicing System version 1.0, which stems from improper access control of the Backend Endpoint component...

PowerDNS Authoritative 访问控制错误漏洞

PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a vulnerability related to access control, which stems from incorrect behavior in the view of TCP PROXY requests...

CVE-2026-28380

Any Editor could delete any snapshot, even if they have no access to read or write them...

Microsoft Word 访问控制错误漏洞

Microsoft Word is a word processing software within the Office suite developed by the American company Microsoft. There is an access control error vulnerability in Microsoft Word. Attackers exploit this vulnerability to carry out deceptive attacks...

Apple macOS 访问控制错误漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS prior to Sequoia 15.7.7, Sonoma 14.8.7, and Tahoe 26.2 contain an access control error vulnerability. This vulnerability stems from an access issue that could allow...

Prosody 安全漏洞

Prosody is an instant messaging server software from Prosody open source. A security vulnerability exists in Prosody versions prior to 0.12.6 and versions prior to 13.0.5 in versions 1.0.0 through 13.0.0, which stems from improper handling of access control in an activation scenario with...

Automotive Grade Linux app-framework-binder 访问控制错误漏洞

Automotive Grade Linux app-framework-binder is an application framework communication component from Automotive Grade Linux, Inc. An Access Control Error vulnerability exists in Automotive Grade Linux app-framework-binder version 19.90.0 and earlier, which stems from a lack of authentication on...

Google Chrome Access Control Error Vulnerability (CNVD-2026-17820)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an Access Control Error vulnerability that can be exploited by attackers to disclose cross-origin data via specially crafted HTML pages...

Microsoft Windows 访问控制错误漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. The Microsoft Windows RPC API contains a vulnerability related to access control errors. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are...

Discourse Access Control Error Vulnerability (CNVD-2026-17476)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an Access Control Error vulnerability that can be exploited by an attacker to retrieve the content of posts, threa...

IBM Aspera Shares Access Control Error Vulnerability

IBM Aspera Shares is a Web application from International Business Machines IBM. An access control error vulnerability exists in IBM Aspera Shares versions 1.9.9 through 1.11.0. The vulnerability stems from a password reset that does not disable the session and can be exploited by an attacker to...

Core FTP 访问控制错误漏洞

Core FTP is a file transfer server. Version Core FTP 2.0 build 653 has a vulnerability related to access control. This vulnerability stems from a denial-of-service vulnerability in the PBSZ command, which could allow unverified attackers to cause the service to crash...

Discourse 访问控制错误漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an Access Control Error vulnerability that can be exploited by an attacker to retrieve the content of posts, threa...

HCL Aftermarket DPC Access Control Error Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an Access Control Error vulnerability that can be exploited by an attacker to elevate their privileges and compromise the application...

Fleet 安全漏洞

Fleet is Fleet Device Management open source a device management platform that supports a wide range of operating systems and devices to help IT and security teams with device management, vulnerability reporting, MDM and more. An access control error vulnerability exists in Fleet versions prior t...

CVE-2026-23977

Missing Authorization vulnerability in WPFactory Helpdesk Support Ticket System for WooCommerce support-ticket-system-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Helpdesk Support Ticket System for WooCommerce: from n/a through = 2.1.2...

HCL Aftermarket DPC 安全漏洞

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an Access Control Error vulnerability that can be exploited by an attacker to elevate their privileges and compromise the application...

OpenClaw Access Control Error Vulnerability (CNVD-2026-16041)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the BlueBubbles webhook handler containing a passwordless fallback authentication path, which can be exploited by an attacker to cause an...

OpenClaw Access Control Error Vulnerability (CNVD-2026-16052)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that can be exploited by an attacker to cause a local process to capture a gateway authentication token...

EUVD-2026-15559

Missing Authorization vulnerability in loopus WP Cost Estimation & Payment Forms Builder WPEstimationForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.3.0...