CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:38 p.m.•6 views

CVE-2026-34744

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

5.3CVSS5.3AI score0.00362EPSS

Positive Technologies•added 2026/06/05 12:0 a.m.•9 views

PT-2026-47086

Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not verify the file's ownership. Details The MCP readAttachment tool accepts...

2.3CVSS5.5AI score0.00041EPSS

Exploits0References4

Vulnrichment•added 2026/06/01 4:53 p.m.•9 views

CVE-2026-45282 Nextcloud: Logged-in user bypasses share password and download restrictions on Text attachments via documentId leads to unauthorized file access

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download...

6.5CVSS5.7AI score0.00294EPSS

Exploits0References3

Cvelist•added 2026/06/01 4:53 p.m.•32 views

CVE-2026-45282 Nextcloud: Logged-in user bypasses share password and download restrictions on Text attachments via documentId leads to unauthorized file access

6.5CVSS0.00294EPSS

Exploits0References3

Vulnrichment•added 2026/05/22 3:26 p.m.•14 views

CVE-2026-9246

5.8AI score0.00152EPSS

EUVD•added 2026/05/19 10:45 p.m.•5 views

EUVD-2026-31004

5.3CVSS5.7AI score0.00362EPSS

Exploits0References3

CNNVD•added 2026/05/19 12:0 a.m.•11 views

Mantis Bug Tracker 信息泄露漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier contained a vulnerability related to information leakage. This vulnerability stemmed from allowing users to list and download attachments that they had...

5.3CVSS5.8AI score0.00362EPSS

Snyk•added 2026/05/11 7:32 p.m.•7 views

Information Exposure

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Information Exposure in the attachment access process. An attacker can gain unauthorized access to attachments they previously uploaded by listing and downloading them from issues that have sin...

5.3CVSS5.8AI score0.00362EPSS

Positive Technologies•added 2026/05/11 12:0 a.m.•7 views

PT-2026-39891

Name of the Vulnerable Software and Affected Versions MantisBT affected versions not specified Description A missing authorization check in the file visibility function allows any authenticated user with REPORTER level access or higher to download attachments from private bugnotes they are not...

7.2CVSS5.8AI score0.0026EPSS

Exploits0References11

EUVD•added 2026/04/27 2:21 p.m.•5 views

EUVD-2026-25856

SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to approximately 19,000...

8.2CVSS5.5AI score0.00155EPSS

NVD•added 2026/04/13 9:16 p.m.•3 views

CVE-2026-33740

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Email/importEml endpoint contains an Insecure Direct Object Reference IDOR vulnerability where the attacker-supplied fileId parameter is used to fetch any attachment directly from...

5.4CVSS0.00211EPSS

Vulnrichment•added 2026/04/13 8:37 p.m.•1 views

CVE-2026-33740 EspoCRM: Email importEml can import and delete another user's attachment by raw fileId

CVE•added 2026/04/13 8:37 p.m.•8 views

CVE-2026-33740

EspoCRM

Exploits1References3Affected Software1

Positive Technologies•added 2026/04/13 12:0 a.m.•4 views

PT-2026-32522

CNNVD•added 2026/04/13 12:0 a.m.•6 views

Exploits1References5

EspoCRM 安全漏洞

EspoCRM is an open-source, web-based Customer Relationship Management system CRM developed by EspoCRM. This system offers features such as sales automation, community management, and customer support. EspoCRM versions 9.3.3 and earlier contained security vulnerabilities. These vulnerabilities...

Positive Technologies•added 2026/04/07 12:0 a.m.•3 views

PT-2026-30971

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source omits authorization on job specification and vacancy attachment download handlers, allowing authenticated low-privilege users to read attachments via direct reference to attachment identifier...

5.3CVSS5.9AI score0.00165EPSS

SUSE CVE•added 2026/03/28 12:24 a.m.•3 views

SUSE CVE-2026-33678

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, TaskAttachment.ReadOne queries attachments by ID only WHERE id = ?, ignoring the task ID from the URL path. The permission check in CanRead validates access to the task specified in the URL, but ReadOne loads ...

8.1CVSS5.9AI score0.00265EPSS

Snyk•added 2026/03/26 4:56 p.m.•3 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the improper enforcement of access controls in the ReadAll and GetTaskAttachment processes. An attacker can gain unauthorized access to and delete file attachments across all...

9.3CVSS5.9AI score