37 matches found
GHSA-75HX-XJ24-MQRW n8n-mcp has unauthenticated session termination and information disclosure in HTTP transport
Summary Several HTTP transport endpoints in n8n-mcp lacked proper authentication, and the health check endpoint exposed sensitive operational metadata without credentials. Impact An unauthenticated attacker with network access to the n8n-mcp HTTP server could disrupt active MCP sessions and gathe...
CVE-2026-35448
CVE-2026-35448 affects WWBN AVideo prior to version 27.x (plugin: BlockonomicsYPT/check.php). The endpoint accepts a Bitcoin address via GET and returns the corresponding payment order data without any authentication or access control. This enables unauthenticated disclosure of sensitive fields s...
CVE-2026-33763
CVE-2026-33763 affects WWBN AVideo up to version 26.0. The vulnerability is in the get_api_video_password_is_correct endpoint, which allows any unauthenticated user to verify whether a video password is correct for any password‑protected video. The endpoint returns a boolean passwordIsCorrect wit...
CVE-2026-33763
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the getapivideopasswordiscorrect API endpoint allows any unauthenticated user to verify whether a given password is correct for any password-protected video. The endpoint returns a boolean passwordIsCorrect field...
CVE-2026-32949 SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL
SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery SSRF vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the...
CVE-2026-32949
SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery SSRF vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the...
Adminer 输入验证错误漏洞
Adminer is an open-source WordPress plugin developed by Adminer. It allows WordPress administrators to perform database management tasks quickly. Versions of Adminer prior to 5.4.1 had a vulnerability related to input validation errors. This vulnerability stemmed from a lack of source verificatio...
CVE-2026-2074
A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /xprogramcenter/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit is...
CVE-2026-2074 O2OA HTTP POST Request check xml external entity reference
A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /xprogramcenter/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit is...
CVE-2026-2074 O2OA HTTP POST Request check xml external entity reference
A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /xprogramcenter/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit is...
CVE-2026-23009
In the Linux kernel, the following vulnerability has been resolved: xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has a valid transfer ring. Lianqin reported a crash during suspend/wake-u...
CVE-2026-23845
Mailpit is an email testing tool and API for developers. Versions prior to 1.28.3 are vulnerable to Server-Side Request Forgery SSRF via HTML Check CSS Download. The HTML Check feature /api/v1/message/ID/html-check is designed to analyze HTML emails for compatibility. During this process, the...
PT-2026-3356
The PAYGENT for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.4.6. This is due to missing authorization checks on the paygent check webhook function combined with the paygent permission callback function unconditionally returning...
Elastic Kibana 代码问题漏洞
Elastic Kibana is a usable data visualization dashboard software from Elastic. A security vulnerability exists in Elastic Kibana that stems from server-side request forgery in the /api/fleet/healthcheck API, which can be used to send requests to internal endpoints...
PT-2024-28268 · Wavlink · Wavlink Wn551K1
Name of the Vulnerable Software and Affected Versions: WAVLINK WN551K1 affected versions not specified Description: The issue allows attackers to obtain sensitive router information through the 'live check.shtml' endpoint. Recommendations: At the moment, there is no information about a newer...
Reflected XSS in Firefox in check endpoint
When passing an invalid check name as parameter to the endpoint where the easymon routes are mounted, a 406 response with a body that contains the invalid check name unescaped is returned. Malicious JavaScript can be injected into that invalid name and have it executed in Firefox...
PYSEC-2018-20
privacyIDEA version 2.23.1 and earlier contains a Improper Input Validation vulnerability in token validation api that can result in Denial-of-Service. This attack appear to be exploitable via http request with user== to /validate/check url. This vulnerability appears to have been fixed in 2.23.2...