3 matches found
CVE-2026-34751
creationtimestamp| type| source ---|---|--- 2026-04-01 18:29:32+00:00| seen| https://bsky.app/profile/flarestart.bsky.social/post/3mihd3wxy7w2m 2026-04-01 21:20:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mihmn3nyzl2g 2026-04-02 05:26:16+00:00| seen|...
CVE-2026-34751
Payload CMS (including @payloadcms/graphql and the core payload) contains a password-recovery flow vulnerability prior to version 3.79.1 that could allow an unauthenticated attacker to act on behalf of a user initiating a password reset. The issue is rated at CVSS v3.1 base score 9.1 (CRITICAL) w...
@adenta/cms (>=0.0.6 <=1.1.1-0), @anjy7/navbar-cms (=0.0.5) +25 more potentially affected by CVE-2026-34751 via @payloadcms/graphql (>=3.0.0-alpha.0 <=3.79.0)
@payloadcms/graphql NPM version =3.0.0-alpha.0, =0.0.6, =0.1.2, =1.0.2, =0.1.0, =3.0.0, =3.2.0, =0.2.0, =3.0.0-beta.10, =1.0.54, =1.0.1, =0.1.0, =0.1.1 and more Source cves: CVE-2026-34751 Source advisory: OSV:GHSA-HP5W-3HXX-VMWF...