27785 matches found

Source: Cvelist | added 2026/06/25 7:08 p.m. | 19 views

CVE-2026-57520 Bitwarden Server < 2026.5.0 Privilege Escalation via Bulk User Remove Endpoint

Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by exploiting a missing role hierarchy check in the bulk user-remove endpoint. Attackers can supply Admin...

CVSS 7.1 | EPSS 0.00277
Exploits: 1 | References: 5
Source: EUVD | added 2026/06/25 6:11 p.m. | 5 views

EUVD-2026-39527

MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to make arbitrary server requests by supplying unvalidated downloadCallbackUrl and download_url parameters. Attackers with default workspace USER role can...

CVSS 6.4 | AI score 6 | EPSS 0.00171
Exploits: 0 | References: 3
Source: CVE | added 2026/06/25 6:11 p.m. | 14 views

CVE-2026-56779

MaxKB

CVSS 6.4 | AI score 6 | EPSS 0.00171
Exploits: 0 | References: 3
Source: Cvelist | added 2026/06/25 6:11 p.m. | 30 views

CVE-2026-56779 MaxKB < 2.10.0 - Server-Side Request Forgery via downloadCallbackUrl and download_url Parameters

MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to make arbitrary server requests by supplying unvalidated downloadCallbackUrl and download_url parameters. Attackers with default workspace USER role can...

CVSS 6.4 | EPSS 0.00171
Exploits: 0 | References: 3
Source: CVE | added 2026/06/25 6:10 p.m. | 11 views

CVE-2026-56774

What is affected: Kanboard up to version 1.2.52. Root cause: UserViewController::removeSession does not validate the session id before calling RememberMeSessionModel::remove. Impact: Authenticated users can enumerate sequential session IDs to mass-invalidate persistent login sessions (including a...

CVSS 5.4 | AI score 5.9 | EPSS 0.00266
Exploits: 0 | References: 4
Source: CVE | added 2026/06/25 6:08 p.m. | 10 views

CVE-2026-56772

NewsBlur

CVSS 5.3 | AI score 6 | EPSS 0.00204
Exploits: 0 | References: 3
Source: CVE | added 2026/06/25 6:07 p.m. | 10 views

CVE-2026-56771

NewsBlur prior to 14.5.0 is affected by an SSRF in the add_url endpoint. The issue lets authenticated users trigger arbitrary server requests to internal networks because private IPs are not filtered, potentially reaching localhost services and cloud metadata endpoints. This enables internal network ...

CVSS 8.5 | AI score 6 | EPSS 0.00204
Exploits: 0 | References: 4
Source: Cvelist | added 2026/06/25 6:07 p.m. | 30 views

CVE-2026-56771 NewsBlur < 14.5.0 - Server-Side Request Forgery via add_url Endpoint

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the add_url endpoint that allows authenticated users to make arbitrary server requests to internal networks because private IP addresses are not filtered. Attackers can exploit this to access localhost services and...

CVSS 8.5 | EPSS 0.00204
Exploits: 0 | References: 4
Source: EUVD | added 2026/06/25 6:07 p.m. | 4 views

EUVD-2026-39524

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the add_url endpoint that allows authenticated users to make arbitrary server requests to internal networks because private IP addresses are not filtered. Attackers can exploit this to access localhost services and...

CVSS 8.5 | AI score 6 | EPSS 0.00204
Exploits: 0 | References: 4
Source: NVD | added 2026/06/25 5:17 p.m. | 9 views

CVE-2026-9800

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path...

CVSS 8.1 | EPSS 0.00301
Exploits: 0 | References: 7
Source: ATTACKERKB | added 2026/06/25 4:16 p.m. | 5 views

CVE-2026-9800

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path...

CVSS 8.1 | AI score 5.8 | EPSS 0.00301
Exploits: 0 | References: 7
Source: EUVD | added 2026/06/25 4:16 p.m. | 4 views

EUVD-2026-39471

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path...

CVSS 8.1 | AI score 5.8 | EPSS 0.00301
Exploits: 0 | References: 4
Source: EUVD | added 2026/06/25 3:05 p.m. | 4 views

EUVD-2026-39434

A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could allow unauthorized execution of commands with elevated privileges, impacting system integrity, confidentiality, and availability when a privileged authenticated user interacts wi...

CVSS 8.6 | AI score 6 | EPSS 0.01191
Exploits: 0 | References: 1
Source: NVD | added 2026/06/25 5:16 a.m. | 14 views

CVE-2026-0934

GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with custom role permissions to view, create, or delete protected environment configuratio...

CVSS 3.8 | EPSS 0.00201
Exploits: 0 | References: 3
Source: CVE | added 2026/06/25 4:34 a.m. | 120 views

CVE-2026-1606

CVE-2026-1606 affects GitLab CE/EE (versions 14.8 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1). The issue stems from improper input validation and could allow an authenticated user to conceal content within a Snippet. The CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N ...

CVSS 4.3 | AI score 5.9 | EPSS 0.00223
Exploits: 0 | References: 3 | Affected Software: 1
Source: EUVD | added 2026/06/25 3:42 a.m. | 5 views

EUVD-2026-39165

The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 5.0.4 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVSS 6.5 | AI score 6 | EPSS 0.00224
Exploits: 0 | References: 2
Source: EUVD | added 2026/06/25 1:56 a.m. | 5 views

EUVD-2026-39163

OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction...

CVSS 6 | AI score 6.2 | EPSS 0.00833
Exploits: 0 | References: 1
Source: Cvelist | added 2026/06/25 1:56 a.m. | 29 views

CVE-2026-8658 OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction...

CVSS 6 | EPSS 0.00833
Exploits: 0 | References: 1
Source: Cvelist | added 2026/06/25 1:51 a.m. | 31 views

CVE-2026-8662 Path Traversal in Rapid7 InsightConnect Compression Plugin

Path Traversal vulnerability in the createarchive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to write to unintended file paths via crafted filename input. The impact is limited to file corruption as content cannot be controlled by the attacker...

CVSS 3.3 | EPSS 0.00216
Exploits: 0 | References: 1
Source: EUVD | added 2026/06/25 1:51 a.m. | 5 views

EUVD-2026-39162

Path Traversal vulnerability in the createarchive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to write to unintended file paths via crafted filename input. The impact is limited to file corruption as content cannot be controlled by the attacker...

CVSS 3.3 | AI score 5.9 | EPSS 0.00216
Exploits: 0 | References: 1