14375 matches found
redis: RESTORE invalid memory access may allow remote code execution
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...
EUVD-2026-39167
The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staffid’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2026-8664 OS Command Injection in Rapid7 InsightConnect Finger Plugin
OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the user or host parameters due to insufficient input validation in shell command construction...
CVE-2026-9155
The CVE-2026-9155 issue affects the Rapid7 InsightConnect Sed Plugin running on Linux. It is a command-injection vulnerability in the expression parameter, caused by insufficient input validation, enabling authenticated attackers to run arbitrary OS commands on the host. The commonly cited score ...
CVE-2026-8659
CVE-2026-8659 describes an OS Command Injection in the Rapid7 InsightConnect SQLmap Plugin on Linux. The issue arises from insufficient input validation in connection configuration, allowing an authenticated attacker to execute arbitrary OS commands via the api_host or api_port parameters. The NV...
PT-2026-52614
Name of the Vulnerable Software and Affected Versions Flowise versions 3.0.0 through 3.0.7 Description Flowise fails to invalidate existing sessions and session tokens after a user changes their password. This allows an attacker who possesses an active session, such as through a stolen session...
BIT-NGINX-GATEWAY-FABRIC-2026-32682 NGINX Gateway Fabric vulnerability
When NGINX Gateway Fabric is configured using GRPCRoutes, an authenticated, remote attacker with permission to create or modify GRPCRoute resources can cause the NGINX Gateway Fabric control plane to terminate by sending undisclosed GRPCRoute configurations containing backendRef filters. Note:...
CVE-2026-55255
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...
CVE-2026-42867 Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API POST /api/v1/knowledgebases. This occurs because user-supplied knowledge base names are used directly to create file paths without...
CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...
CVE-2026-55255
Summary of technical details : CVE-2026-55255 is an IDOR in Langflow prior to version 1.9.1 where an authenticated user could trigger a victim’s flow by supplying the victim’s flow UUID to the /api/v1/responses endpoint. The root cause is in get_flow_by_id_or_endpoint_name(), which could load a F...
CVE-2026-7167
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
CVE-2026-6062
Mattermost versions 11.7.x = 11.7.0, 11.6.x = 11.6.2, 11.5.x = 11.5.5, 10.11.x = 10.11.17 Fail to validate channel ownership of an existing subscription before applying edits which allows an authenticated attacker to hijack subscriptions from channels they have no access to via a crafted PUT...
CVE-2026-6062
CVE-2026-6062 affects Mattermost versions 11.7.x ≤ 11.7.0, 11.6.x ≤ 11.6.2, 11.5.x ≤ 11.5.5, and 10.11.x ≤ 10.11.17. The issue is a logic flaw where the system fails to validate channel ownership of an existing subscription before applying edits, enabling an authenticated attacker to hijack subsc...
EUVD-2026-38250
Mattermost versions 11.7.x = 11.7.0, 11.6.x = 11.6.2, 11.5.x = 11.5.5, 10.11.x = 10.11.17 Fail to validate channel ownership of an existing subscription before applying edits which allows an authenticated attacker to hijack subscriptions from channels they have no access to via a crafted PUT...
redis: RESTORE invalid memory access may allow remote code execution
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...
PT-2026-51314
Name of the Vulnerable Software and Affected Versions Mattermost version 11.7.0 Mattermost version 11.6.2 Mattermost version 11.5.5 Mattermost version 10.11.17 Description An issue exists where the system fails to validate channel ownership of an existing subscription before applying edits. This...
GHSA-QRPV-Q767-XQQ2 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow
Summary Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. Details The vulnerability exists in the getflowbyidorendpointname helper...
EUVD-2019-20197
Joomla! Component JoomCRM 1.1.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the dealid parameter. Attackers can send GET requests to index.php with option=comjoomcrm&view=contacts and inject SQL...
EUVD-2019-20194
Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the profilepic parameter. Attackers can upload PHP files via POST requests to the employee view endpoint and...