591 matches found
CVE-2026-7709
CVE-2026-7709 affects janeczku Calibre-Web up to 0.6.26. The vulnerable element is the function generate_auth_token in cps/kobo_auth.py of the Endpoint component. The issue stems from manipulation of the argument user_id , causing improper authorization. The vulnerability can be exploited remotel...
Calibre-Web 安全漏洞
Calibre-Web is a web application developed by Jan B, designed for browsing, reading, and downloading e-books from the Calibre database. Calibre-Web versions 0.6.26 and earlier contain security vulnerabilities. These vulnerabilities stem from the generateauthtoken function in the Endpoint...
CVE-2026-7567
The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybelogintemporaryuser function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before...
PT-2026-37127
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.17.1 Description When a user changes their password, browser sessions are invalidated using the cycle session keys function, but Django REST Framework DRF API tokens with the wlu prefix stored in authtoken token are...
Camaleon CMS v2.9.0 - Path Traversal
Exploit Title: Camaleon CMS v2.9.0 - Path Traversal Date: 2026-02-02 Exploit Author: Sakshi Velampudi CyberQuestor Vendor Homepage: https://github.com/owen2345/camaleon-cms Software Link: https://github.com/owen2345/camaleon-cms/releases/tag/2.9.0 Version: = 2.9.0 Tested on: Linux CVE:...
Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars
Summary Dgraph v25.3.2 still exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can retrieve that token and replay it in the...
EUVD-2026-23862
An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...
CVE-2026-6369 Exposed Session Token in canonical-livepatch client snap
An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...
CVE-2026-6369 Exposed Session Token in canonical-livepatch client snap
An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...
PT-2026-33770
An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...
Exploit for Incorrect Resource Transfer Between Spheres in Openclaw
CVE-2026-25253: One-Click RCE in OpenClaw via Auth Token Theft...
CVE-2026-39974
n8n-MCP is a Model Context Protocol MCP server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to iss...
Declaration of Catch for Generic Exception
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
Chamilo LMS 安全漏洞
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Prior to version 1.11.38 of Chamilo LMS, there were security vulnerabilities. These vulnerabilities stemmed from...
CVE-2026-39912
The CVE-2026-39912 entry describes a token exposure in the loginWithMailLink flow affecting V2Board (1.6.1–1.7.4) and Xboard (up to 0.1.9). When login_with_mail_link_enable is active, the HTTP response body reveals the full authentication URL, allowing an unauthenticated attacker to POST to login...
CVE-2026-39912
V2Board 1.6.1 through 1.7.4 and Xboard through 0.1.9 expose authentication tokens in HTTP response bodies of the loginWithMailLink endpoint when the loginwithmaillinkenable feature is active. Unauthenticated attackers can POST to the loginWithMailLink endpoint with a known email address to receiv...
CVE-2026-39912 v2board / Xboard Authentication Token Exposure via loginWithMailLink
V2Board 1.6.1 through 1.7.4 and Xboard through 0.1.9 expose authentication tokens in HTTP response bodies of the loginWithMailLink endpoint when the loginwithmaillinkenable feature is active. Unauthenticated attackers can POST to the loginWithMailLink endpoint with a known email address to receiv...
CVE-2026-39974 n8n-MCP has an Authenticated SSRF via instance-URL header in multi-tenant HTTP mode
n8n-MCP is a Model Context Protocol MCP server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to iss...
CVE-2026-39974
n8n-MCP is a Model Context Protocol MCP server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to iss...
EUVD-2026-20968
n8n-MCP is a Model Context Protocol MCP server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to iss...