Lucene search
K

643 matches found

Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40127

The mem0 1.0.0 server lacks authentication and authorization controls for its memory management API endpoints. Critical functions such as updating memory records PUT /memories/memory id are exposed without any verification of the requester's identity or permissions. A remote attacker can exploit...

5.9AI score0.00372EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40107

Missing authorization in the PAM module in Devolutions Server allows an authenticated user with a PAM license but no additional permissions to obtain OTP secret keys and recovery codes via crafted requests to PAM API endpoints. This issue affects the following versions : Devolutions Server...

5.8AI score0.00197EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 7:39 p.m.5 views

GHSA-PW5X-2MF9-3XC8 MantisBT has a Private Bugnote Attachment Content Leak via REST API

A missing authorization check in MantisBT's file visibility function allows any authenticated user REPORTER+ to download attachments on private bugnotes they should not be able to access, via the REST API endpoint GET /api/rest/issues/id/files and SOAP API mcissueattachmentget endpoint. Impact -...

7.2CVSS5.8AI score0.0026EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

Meari IoT Cloud MQTT Broker EMQX 安全漏洞

Meari IoT Cloud MQTT Broker EMQX is a high-performance IoT messaging proxy service based on the MQTT protocol provided by Meari Corporation. A security vulnerability exists in the Meari IoT Cloud MQTT Broker EMQX 4.x version. This vulnerability stems from the lack of authorization for device-leve...

7.7CVSS5.8AI score0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/09 3:42 a.m.6 views

CVE-2026-42297 Argo Workflows Is Missing Authorization in Sync ConfigMap Provider

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the Sync Service's ConfigMap-backed provider server/sync/synccm.go performs zero authorization checks on all CRUD operations create, read,...

8.5CVSS5.7AI score0.00515EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/09 3:42 a.m.51 views

CVE-2026-42297 Argo Workflows Is Missing Authorization in Sync ConfigMap Provider

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the Sync Service's ConfigMap-backed provider server/sync/synccm.go performs zero authorization checks on all CRUD operations create, read,...

8.5CVSS0.00515EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/05/09 12:43 a.m.12 views

CVE-2026-6667

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...

4.3CVSS5.8AI score0.00287EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/09 12:43 a.m.11 views

EUVD-2026-28879

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...

4.3CVSS5.8AI score0.00287EPSS
Exploits0References1
CVE
CVE
added 2026/05/09 12:43 a.m.25 views

CVE-2026-6667

PgBouncer (pre-1.25.2) contains an authorization flaw in the KILL_CLIENT admin command: any user with access to the administration console could execute the command, instead of restricting it to admins listed in admin_users. This could allow unauthorized clients to be killed. Remediation: upgrade...

4.3CVSS5.8AI score0.00287EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/05/09 12:43 a.m.8 views

CVE-2026-6667

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...

4.3CVSS5.8AI score0.00287EPSS
Exploits0
OSV
OSV
added 2026/05/08 10:46 p.m.6 views

GHSA-WQFH-GQ79-J8MF free5GC's NEF nnef-callback route group is unauthenticated; forged callback requests are accepted into the processing path

Summary free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token e.g. Authorization: Bearer not-a-real-token is enough to reach the SMF-callback handler -- the callback body is parsed and dispatched into NEF business...

7.3CVSS5.9AI score0.00241EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/08 12:12 p.m.29 views

CVE-2026-8077 Weak credentials vulnerability in the CashDro 3 web administration panel

Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...

8.6CVSS0.00248EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.15 views

PT-2026-39259

Name of the Vulnerable Software and Affected Versions free5GC version 4.2.1 Description The Session Management Function SMF mounts the UPI management route group without OAuth2 or bearer-token authorization middleware. This allows a network attacker with access to the Service Based Interface SBI ...

10CVSS5.8AI score0.00331EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2026/05/06 9:59 p.m.12 views

Hatchet affected by cross-tenant information disclosure in `listTasksByDAGIds`

Summary A missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any tenant on the same Hatchet instance could query the endpoint with another tenant's UUID and a DAG UUID belongi...

6.5CVSS5.9AI score0.00181EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/06 8:12 p.m.6 views

GHSA-7CX3-2QX2-3G6W phpMyFAQ's Missing Authorization on Tag Deletion Allows Any Authenticated User to Delete Tags

Summary The TagController::delete endpoint at DELETE /admin/api/content/tags/tagId only verifies that the user is logged in userIsAuthenticated, but does not check any permission. Any authenticated user — including regular non-admin frontend users — can delete any tag by ID. This contrasts with...

5.4CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-37342

The All-in-One WP Migration Unlimited Extension plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.83. This is due to the 'Ai1wmve Schedules Controller::save' handler for 'admin post ai1wm schedule event save' not verifying user capabilities before...

6.5CVSS5.7AI score0.00266EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/05/05 7:12 p.m.10 views

CVE-2026-33420

Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the getorgcollectionsdetails endpoint GET /api/organizations/orgid/collections/details is missing the hasfullaccess authorization check that exists on the sibling getorgcollections endpoint. This allows a...

5.3CVSS5.8AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/30 6:22 p.m.31 views

CVE-2026-40601 Chartbrew: Missing Authorization in /api/chart/:chart_id/query via team-level refresh toggle

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes POST /api/chart/:chartid/query without authentication. The endpoint only checks team.allowReportRefresh and does not verify that the...

7.5CVSS0.00326EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/29 9:46 p.m.12 views

Admidio's Missing Authorization on Inventory Module Destructive Endpoints Allows Any Authenticated User to Delete Items

Summary The Admidio inventory module enforces authorization for destructive operations delete, retire, reinstate only in the UI layer by conditionally rendering buttons. The backend POST handlers at modules/inventory.php for itemdelete, itemretire, itemreinstate, itempictureupload, itempicturesav...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-37142

Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description The inventory module fails to properly enforce authorization for destructive operations on the backend, relying instead on the UI layer to hide buttons from non-administrative users. While the system...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References5
Rows per page
Query Builder