
591 matches found

Positive Technologies
added 2026/02/25 12:00 a.m. | 6 views

PT-2026-22032

Name of the Vulnerable Software and Affected Versions: Vikunja versions prior to 2.0.0. Description: Vikunja, a self-hosted task management platform, does not sanitize SVG files uploaded as task attachments. This allows for the inclusion of JavaScript code within the SVG file, which executes when th...

CVSS 9.9 | AI score 6 | EPSS 0.22162
Exploits 68 | References 138
OSV
added 2026/02/24 8:27 p.m. | 9 views

CVE-2026-26342

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token X-User-Token with insufficient expiration. An attacker who obtains a valid token, for example via interception, log exposure, or token reuse on a shared system, can continue to...

CVSS 9.8 | AI score 5.8 | EPSS 0.00716
Exploits 3 | References 3
CVE
added 2026/02/24 6:41 p.m. | 30 views

CVE-2026-26342

CVE-2026-26342 affects Tattile Smart+, Vega, and Basic device families with firmware versions prior to 1.181.5. The root cause is an authentication token (X-User-Token) with insufficient expiration, permitting an attacker with a valid token to continue authenticated access to the management inter...

CVSS 9.8 | AI score 5.5 | EPSS 0.00716
Exploits 3 | References 3 | Affected Software 1
Cvelist
added 2026/02/24 6:41 p.m. | 22 views

CVE-2026-26342 Tattile Smart+ / Vega / Basic <= 1.181.5 Insufficient Session Token Expiration

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token X-User-Token with insufficient expiration. An attacker who obtains a valid token, for example via interception, log exposure, or token reuse on a shared system, can continue to...

CVSS 8.7 | EPSS 0.00716
Exploits 3 | References 3
ATTACKERKB
added 2026/02/24 6:41 p.m. | 2 views

CVE-2026-26342

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token X-User-Token with insufficient expiration. An attacker who obtains a valid token, for example via interception, log exposure, or token reuse on a shared system, can continue to...

CVSS 9.8 | AI score 5.9 | EPSS 0.00716
Exploits 3 | References 4
Vulnrichment
added 2026/02/24 6:41 p.m. | 4 views

CVE-2026-26342 Tattile Smart+ / Vega / Basic <= 1.181.5 Insufficient Session Token Expiration

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token X-User-Token with insufficient expiration. An attacker who obtains a valid token, for example via interception, log exposure, or token reuse on a shared system, can continue to...

CVSS 8.7 | AI score 5.5 | EPSS 0.00716
Exploits 3 | References 3
Positive Technologies
added 2026/02/24 12:00 a.m. | 7 views

PT-2026-21790

Name of the Vulnerable Software and Affected Versions: Tattile Smart+, Vega, and Basic device families versions prior to 1.181.5. Description: The authentication token X-User-Token in affected devices has an insufficient expiration time. An attacker obtaining a valid token through methods like...

CVSS 9.8 | AI score 5.3 | EPSS 0.00716
Exploits 3 | References 8
OSV
added 2026/02/17 4:37 p.m. | 12 views

GHSA-RV39-79C4-7459 OpenClaw's gateway connect could skip device identity checks when auth.token was present but not yet validated

Summary: The gateway WebSocket connect handshake could allow skipping device identity checks when auth.token was present but not yet validated. Details: In src/gateway/server/ws-connection/message-handler.ts, the device-identity requirement could be bypassed based on the presence of a non-empty...

CVSS 9.8 | AI score 5.6 | EPSS 0.00357
Exploits 0 | References 6
Positive Technologies
added 2026/02/17 12:00 a.m. | 7 views

PT-2026-23547

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.2. Description: The gateway WebSocket connect handshake allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity...

CVSS 9.3 | AI score 5.8 | EPSS 0.00357
Exploits 0 | References 10
NVD
added 2026/02/13 7:17 p.m. | 8 views

CVE-2026-26190

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

CVSS 9.8 | EPSS 0.27661
Exploits 1 | References 4
Cvelist
added 2026/02/13 6:44 p.m. | 47 views

CVE-2026-26190 Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

CVSS 9.8 | EPSS 0.27661
Exploits 1 | References 4
Github Security Blog
added 2026/02/02 11:41 p.m. | 11 views

OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl

Summary: The Control UI trusts gatewayUrl from the query string without validation and auto-connects on load, sending the stored gateway token in the WebSocket connect payload. Clicking a crafted link or visiting a malicious site can send the token to an attacker-controlled server. The attacker ca...

CVSS 8.8 | AI score 6.2 | EPSS 0.08016
Exploits 5 | References 5 | Affected Software 1
OSV
added 2026/02/02 11:41 p.m. | 2 views

GHSA-G8P2-7WF7-98MQ OpenClaw/Clawdbot has 1-Click RCE via Authentication Token Exfiltration From gatewayUrl

Summary: The Control UI trusts gatewayUrl from the query string without validation and auto-connects on load, sending the stored gateway token in the WebSocket connect payload. Clicking a crafted link or visiting a malicious site can send the token to an attacker-controlled server. The attacker ca...

CVSS 8.8 | AI score 6.2 | EPSS 0.08016
Exploits 5 | References 5
RedhatCVE
added 2026/01/29 9:20 p.m. | 6 views

CVE-2026-24772

OpenProject is an open-source, web-based project management software. To enable real-time collaboration on documents, OpenProject 17.0 introduced a synchronization server. The OpenProject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a share...

CVSS 9 | AI score 5.9 | EPSS 0.00159
Exploits 0 | References 1
EUVD
added 2026/01/28 6:07 p.m. | 6 views

EUVD-2026-4877

OpenProject is an open-source, web-based project management software. To enable real-time collaboration on documents, OpenProject 17.0 introduced a synchronization server. The OpenProject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a share...

CVSS 8.9 | AI score 5.9 | EPSS 0.00159
Exploits 0 | References 1
Positive Technologies
added 2026/01/27 12:00 a.m. | 10 views

PT-2026-4859

Name of the Vulnerable Software and Affected Versions: Dozzle versions prior to 9.0.3. Description: A flaw in Dozzle's agent-backed shell endpoints allows a user restricted by label filters to obtain an interactive root shell in out-of-scope containers on the same agent host by directly targeting...

CVSS 8.7 | AI score 5.9 | EPSS 0.00385
Exploits 1 | References 12
Vulnrichment
added 2026/01/21 9:18 p.m. | 4 views

CVE-2026-22808 Fleet Windows MDM endpoint has a Cross-site Scripting vulnerability

fleetdm/fleet is open source device management software. Prior to versions 4.78.2, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, if Windows MDM is enabled, an unauthenticated attacker can exploit this XSS vulnerability to steal a Fleet administrator's authentication token FLEET::authtoken from localStorage...

CVSS 5.5 | AI score 5.5 | EPSS 0.00209
Exploits 0 | References 1
Cvelist
added 2026/01/21 9:18 p.m. | 16 views

CVE-2026-22808 Fleet Windows MDM endpoint has a Cross-site Scripting vulnerability

fleetdm/fleet is open source device management software. Prior to versions 4.78.2, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, if Windows MDM is enabled, an unauthenticated attacker can exploit this XSS vulnerability to steal a Fleet administrator's authentication token FLEET::authtoken from localStorage...

CVSS 5.5 | EPSS 0.00209
Exploits 0 | References 1
Positive Technologies
added 2026/01/21 12:00 a.m. | 7 views

PT-2026-3770

Name of the Vulnerable Software and Affected Versions: Dataease versions prior to 2.10.19. Description: Dataease, an open source data visualization analysis tool, is susceptible to an account takeover issue. The tool utilizes the MD5 hash of a user's password as the JWT signing secret. This...

CVSS 9.8 | AI score 5.4 | EPSS 0.00475
Exploits 1 | References 14
Positive Technologies
added 2026/01/20 12:00 a.m. | 4 views

PT-2026-3748

Name of the Vulnerable Software and Affected Versions: Fleet versions prior to 4.78.2; Fleet versions 4.53.3 through 4.77.1; Fleet versions 4.75.2; Fleet versions 4.76.2. Description: Fleet, an open-source device management software, contains a cross-site scripting (XSS) flaw in its Windows MDM...

CVSS 5.5 | AI score 5.1 | EPSS 0.00209
Exploits 0 | References 15