5 matches found
Exploit for CVE-2026-46716
CVE-2026-46716 — Nezha Monitoring Cross-Tenant RCE via Cron AP...
arcane 安全漏洞
Arcan is an open-source Docker management software developed by Arcane. Versions of Arcan prior to 1.19.0 contained security vulnerabilities. These vulnerabilities stemmed from multiple endpoints in the Huma-based REST API that did not call the checkAdmin helper function. Additionally, the...
EUVD-2026-19736
pyload-ng: Authorization Bypass for SSL Certificate/Key Configuration Due to Option Name Mismatch in pyload-ng...
CVE-2025-55734 flaskBlo Authorization Bypass
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page,...
Admin Check Bypass in NtPowerInformation
The system call NtPowerInformation performs a check that the caller is an administrator before performing some specific power functions. The check is done in the PopUserIsAdmin function. Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: Project zero reason for closure: Info not...