Lucene search
+L

119 matches found

CVE
CVE
added 2026/07/05 6:55 a.m.24 views

CVE-2026-14781

A flaw in Keycloak’s OIDC broker (org.keycloak.broker.oidc) causes incorrect synchronization of the email_verified claim. When trustEmail=true and the userinfo endpoint is enabled, Keycloak uses email from userinfo but takes email_verified from the id_token without validating that it corresponds ...

4.8CVSS6.1AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 11:53 a.m.9 views

EUVD-2026-38737

Capgo before 12.128.2 contains a cross-domain SSO account takeover vulnerability in the provision-user endpoint that allows attackers to merge arbitrary victim accounts based on email match without validating SSO provider domain authorization. An attacker with enterprise org admin access and a...

9.3CVSS6AI score0.00244EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.45 views

PT-2026-52216

Name of the Vulnerable Software and Affected Versions Gitea Docker image versions prior to 1.26.3 Description A critical authentication bypass exists in the official Gitea Docker image due to an insecure default configuration in the app.ini file. The variable REVERSE PROXY TRUSTED PROXIES is set ...

10CVSS7.2AI score0.00783EPSS
Exploits5References98
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48827

Name of the Vulnerable Software and Affected Versions Okta affected versions not specified Description Improper state verification in the OAuth implementation allows an attacker to manipulate the authentication flow. This can lead to a victim's account being linked to an account controlled by the...

8CVSS7.2AI score0.0012EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/11 10:20 a.m.11 views

CVE-2026-6552 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...

8.7CVSS5.5AI score0.00355EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.14 views

PT-2026-48717

Name of the Vulnerable Software and Affected Versions PenguinMod-BackendApi versions prior to 1.0.0 Description A NoSQL injection—a method of attacking non-relational databases by manipulating queries—exists in the password reset endpoint. This allows an authenticated user with a registered accou...

8.7CVSS5.2AI score0.00251EPSS
Exploits0References3
CVE
CVE
added 2026/06/08 2:12 p.m.44 views

CVE-2026-43972

CVE-2026-43972 (gun_http2) : In gun_http2:push_promise_frame/7, the incoming PUSH_PROMISE :authority header is stored without validating it against the connection origin. Later, gun_http2:headers_frame/9 uses this unvalidated value when calling gun_cookies:set_cookie_header/7, before status handl...

6.3CVSS5.7AI score0.00215EPSS
Exploits0References3
HackRead
HackRead
added 2026/06/08 11:34 a.m.29 views

Instagram Recovery Tool Bug Exposed 20,225 Accounts to Password Reset Abuse

Meta says an Instagram recovery tool bug allowed attackers to abuse password resets, affecting 20,225 accounts and exposing users without 2FA to account takeover risk...

5.5AI score
Exploits0
HackRead
HackRead
added 2026/05/31 2:54 p.m.18 views

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/12 10:23 p.m.15 views

SillyTavern: Existing sessions are not invalidated after password change, allowing session reuse and account takeover

Summary Changing a user’s password does not invalidate existing sessions, allowing an attacker with a stolen cookie to retain access even after the victim resets their password. Details SillyTavern relies on cookie-session for authentication, storing all session data user handle, permissions in a...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References4Affected Software1
Malwarebytes
Malwarebytes
added 2026/05/12 9:21 a.m.22 views

1 in 8 employees have sold company logins or know someone who has

UK anti-fraud non-profit Cifas just published research that should bother anyone who runs a business, or buys from one: One in eight workers at large enterprises have either sold their company login credentials or know someone who did. The internet is awash with compromised credentials that...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained security vulnerabilities. These vulnerabilities stemmed from the plugin/MobileManager/oauth2.php file, which exposed the user’s password hash in the OAuth login...

6.8CVSS5.8AI score0.00285EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/28 11:41 a.m.19 views

EUVD-2026-26037

An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...

9.4CVSS5.3AI score0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/28 11:41 a.m.6 views

CVE-2026-5779 Multiple vulnerabilities in MphRx's Minerva

An insecure direct object reference IDOR vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an...

9.4CVSS5.3AI score0.00252EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

MphRx Minerva 访问控制错误漏洞

MphRx Minerva is a medical data integration and interoperability platform developed by MphRx Corporation. Version MphRx Minerva V3.6.0 contains a security vulnerability related to access control. This vulnerability stems from an insecure direct object reference in the...

9.4CVSS5.8AI score0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/12 2:22 a.m.8 views

EUVD-2026-21692

A Cross-site Scripting XSS vulnerability was identified in the fromdict method of the AppLollmsMessage class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of sanitization or HTML encoding of the content field when deserializing user-provided data. This allows a...

8.2CVSS7.2AI score0.00258EPSS
Exploits1References2
Veracode
Veracode
added 2026/03/31 3:55 a.m.29 views

Improper Authentication

github.com/1panel-dev/1panel is vulnerable to improper authentication.The vulnerability is due to improper server-side validation of a client-controlled parameter, which allows an unauthenticated attacker to bypass CAPTCHA protections and perform automated login attempts leading to potential...

7.5CVSS7.2AI score0.00405EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2026/03/30 8:24 p.m.8 views

CVE-2026-27599 CI4MS: System Settings (Mail Settings) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input within System Settings – Mail Settings. Several configuration...

4.7CVSS5.8AI score0.00358EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/27 6:17 p.m.14 views

Fleet: Password reset tokens remain valid after password change for 24 hours

Summary A vulnerability in Fleet’s password management logic could allow previously issued password reset tokens to remain valid after a user changes their password. As a result, a stale password reset token could be reused to reset the account password even after a defensive password change...

8.8CVSS5.9AI score0.00335EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.10 views

PT-2026-25366

LibreChat is a ChatGPT clone with additional features. From 0.8.2 to 0.8.2-rc3, The MCP Model Context Protocol OAuth callback endpoint accepts the redirect from the identity provider and stores OAuth tokens for the user who initiated the flow, without verifying that the browser hitting the redire...

7.6CVSS5.8AI score0.00244EPSS
Exploits1References8
Rows per page
Query Builder