3 matches found
EUVD-2026-20525
Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...
CVE-2026-32050
OpenClaw is affected in versions prior to 2026.2.25. The vulnerability arises in signal reaction notification handling, where an access control failure allows unauthorized senders to enqueue status events before authorization checks are applied. Specifically, the reaction-only event path in event...
CVE-2024-41941
A vulnerability has been identified in SINEC NMS All versions V3.0. The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization...