Lucene search
K

741 matches found

Vulnrichment
Vulnrichment
added 2026/04/08 4:41 p.m.3 views

CVE-2026-33461 Incorrect Authorization in Kibana Fleet Leading to Information Disclosure

Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...

7.7CVSS5.9AI score0.00282EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.6 views

PT-2026-31334

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An issue exists in Kibana where incorrect authorization can lead to information disclosure through privilege abuse. A user with limited Fleet privileges can exploit an internal API endpoint to...

7.7CVSS5.8AI score0.00282EPSS
Exploits0References6
NVD
NVD
added 2026/04/06 8:16 p.m.8 views

CVE-2026-35185

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens usertoken, user activity, client IP addresses, and server configuration details. This allows a...

8.7CVSS0.00355EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/06 7:24 p.m.3 views

CVE-2026-35185 HAX CMS's public /server-status endpoint exposes authentication tokens, user activity, and client IP addresses

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens usertoken, user activity, client IP addresses, and server configuration details. This allows a...

8.7CVSS5.9AI score0.00355EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/06 7:24 p.m.9 views

EUVD-2026-19469

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens usertoken, user activity, client IP addresses, and server configuration details. This allows a...

8.7CVSS5.9AI score0.00355EPSS
Exploits1References1
CVE
CVE
added 2026/04/06 7:24 p.m.8 views

CVE-2026-35185

Summary: CVE-2026-35185 affects HAX CMS prior to version 25.0.0, where the /server-status endpoint is publicly accessible and can disclose sensitive information without authentication. What is affected: HAX CMS with PHP or Node.js backends. Impact (as stated): Exposure of authentication tokens (u...

8.7CVSS5.9AI score0.00355EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/04/06 7:24 p.m.19 views

CVE-2026-35185 HAX CMS's public /server-status endpoint exposes authentication tokens, user activity, and client IP addresses

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens usertoken, user activity, client IP addresses, and server configuration details. This allows a...

8.7CVSS0.00355EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/06 5:59 p.m.17 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect through the redirecturi parameter in multiple endpoints ForgotPassword, MagicLinkLogin, Signup, InviteMembers, OAuthLoginHandler, VerifyEmailHandler which is not validated against AllowedOrigins. An attacker can obtain...

8.6CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.9 views

PT-2026-30720

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens user token, user activity, client IP addresses, and server configuration details. This allows...

8.7CVSS5.9AI score0.00355EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/01 8:54 p.m.1 views

CVE-2026-4820

IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to th...

4.3CVSS5.8AI score0.00118EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/31 4:56 p.m.6 views

CVE-2026-34361 HAPI FHIR: Unauthenticated SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

9.3CVSS5.8AI score0.00299EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 4:56 p.m.1 views

CVE-2026-34359

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured...

7.4CVSS5.8AI score0.00158EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 4:56 p.m.2 views

CVE-2026-34359 HAPI FHIR: Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect in HAPI FHIR Core

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured...

7.4CVSS5.8AI score0.00158EPSS
Exploits1References1
OSV
OSV
added 2026/03/30 5:24 p.m.4 views

GHSA-VR79-8M62-WH98 FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

Summary The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication...

9.3CVSS5.9AI score0.00299EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/30 3:32 p.m.3 views

EUVD-2026-17106

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A Cross-Site Request Forgery CSRF vulnerability exists in Zimbra Web Client due to the issuance of authentication tokens without CSRF protection during certain account state transitions. Specifically, tokens generated after...

5.9AI score0.00202EPSS
Exploits0References5
NVD
NVD
added 2026/03/30 3:16 p.m.6 views

CVE-2026-33373

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A Cross-Site Request Forgery CSRF vulnerability exists in Zimbra Web Client due to the issuance of authentication tokens without CSRF protection during certain account state transitions. Specifically, tokens generated after...

8.8CVSS0.00202EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/30 9:18 a.m.3 views

CVE-2026-5128

...

5.8AI score0.00144EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/30 12:0 a.m.3 views

CVE-2026-33373

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A Cross-Site Request Forgery CSRF vulnerability exists in Zimbra Web Client due to the issuance of authentication tokens without CSRF protection during certain account state transitions. Specifically, tokens generated after...

5.9AI score0.00202EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.21 views

CVE-2026-33373

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A Cross-Site Request Forgery CSRF vulnerability exists in Zimbra Web Client due to the issuance of authentication tokens without CSRF protection during certain account state transitions. Specifically, tokens generated after...

0.00202EPSS
Exploits0References4
CVE
CVE
added 2026/03/30 12:0 a.m.17 views

CVE-2026-33373

CVE-2026-33373 affects Zimbra Collaboration (ZCS) 10.0 and 10.1. The vulnerability is a Cross-Site Request Forgery (CSRF) in the Zimbra Web Client where authentication tokens issued during certain account state transitions (e.g., enabling 2FA or changing a password) may lack CSRF protection, allo...

8.8CVSS5.9AI score0.00202EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder