109 matches found
CVE-2026-13568
A weakness has been identified in SourceCodester Inventory Management System 1.0. This vulnerability affects unknown code of the file /api/usershandler.php of the component User Registration Endpoint. This manipulation of the argument role causes improper access controls. Remote exploitation of t...
CVE-2026-9610
IBM Datacap (including Datacap Navigator) 9.1.7–9.1.9 exposes resources or functionality not linked in the UI but accessible via direct URL requests, bypassing access controls (CWE-425: Direct Request). Affected: IBM Datacap 9.1.7, 9.1.8, 9.1.9 and Datacap Navigator 9.1.7, 9.1.8, 9.1.9. IBM’s bul...
CVE-2026-45398
Summary (concrete details from provided docs): Open WebUI before 0.9.5 exposes an IDOR vulnerability in the retrieval API where knowledge base collections (UUID-named) are not checked by _validate_collection_access. This allows any authenticated user who knows a private knowledge base UUID to rea...
Palo Alto Networks Trust Protection Foundation 代码问题漏洞
Palo Alto Networks Trust Protection Foundation is a machine identity and certificate security management platform provided by Palo Alto Networks. There is a code vulnerability in Palo Alto Networks Trust Protection Foundation, which stems from incorrect authorization. This vulnerability could all...
CVE-2026-41403 OpenClaw < 2026.3.31 - Access Control Bypass via Proxied Remote Request Misclassification
OpenClaw before 2026.3.31 misclassifies proxied remote requests as loopback connections in the diffs viewer when allowRemoteViewer is disabled, allowing unauthorized access. Attackers can bypass access controls by sending proxied requests that are incorrectly identified as local loopback traffic,...
Origin Validation Error
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Origin Validation Error via the Slack thread context. An attacker can inject unauthorized messages into the agent context by replying to allowlisted users in Slack threads, thereby...
CVE-2026-6823
HKUDS OpenHarness prior to PR 147 remediation contains an insecure default configuration vulnerability where remote channels inherit allowfrom = "" permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access controls and reach...
CVE-2026-6823 HKUDS OpenHarness Insecure Default Remote Channel Allowlist
HKUDS OpenHarness prior to PR 147 remediation contains an insecure default configuration vulnerability where remote channels inherit allowfrom = "" permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access controls and reach...
CVE-2026-5936 Server-Side Request Forgery (SSRF) via URL Parameter in Foxit PDF Services API
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...
Use of Less Trusted Source
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Use of Less Trusted Source via the getRealIpAddr function. An attacker can bypass IP-based access controls, rate limiting, or forge audit log entries by sending...
CVE-2026-33690 AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr()
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the getRealIpAddr function in objects/functions.php trusts user-controlled HTTP headers to determine the client's IP address. An attacker can spoof their IP address by sending forged headers, bypassing any IP-base...
CVE-2026-4514
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2026-31836
Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with beautiful visualizations. In versions from 3.5.1 and prior, a mass assignment vulnerability in Checkmate's user profile update endpoint allows any...
CVE-2016-20029 ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulnerability
ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive information including...
BIT-PARSE-2026-31856 Parse Server has a SQL injection via `Increment` operation on nested object field in PostgreSQL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g., stats.counter. The amount value is...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Prior to Apache Airflow 9.22.0, there were security...
SUSE CVE-2026-26017
CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check...
PT-2026-23721
Name of the Vulnerable Software and Affected Versions CoreDNS versions prior to 1.14.2 Description CoreDNS is a DNS server that utilizes a chain of plugins. A flaw in the default plugin execution order allows bypassing of DNS access controls. Specifically, security plugins like acl are evaluated...
CVE-2025-9572 Foreman: satellite: graphql api permission bypass leads to information disclosure
n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass...
CVE-2026-27022
@langchain/langgraph-checkpoint-redis is the Redis checkpoint and store implementation for LangGraph. A query injection vulnerability exists in the @langchain/langgraph-checkpoint-redis package's filter handling. The RedisSaver and ShallowRedisSaver classes construct RediSearch queries by directl...