3631 matches found
CVE-2026-57781 WordPress MeetingHub plugin <= 1.25.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sovlix MeetingHub meetinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MeetingHub: from n/a through = 1.25.10...
CVE-2026-57408 WordPress Peach Payments Gateway plugin <= 4.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in peachpayments Peach Payments Gateway wc-peach-payments-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Peach Payments Gateway: from n/a through = 4.0.2...
CVE-2026-57729 WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in UX-themes Flatsome flatsome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flatsome: from n/a through = 3.20.5...
TitanNit Web Control 2.01/Atemio 7600 - Remote Code Execution
The device contains a command injection caused by the 'getcommand' query in the application, letting unauthorized attackers execute system commands with root privileges, exploit requires attacker to send crafted requests. id: CVE-2024-9166 info: name: TitanNit Web Control 2.01/Atemio 7600 - Remot...
EUVD-2026-43156
The WCFM – Frontend Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.7.27. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attacker...
CVE-2026-57730 WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability
Subscriber Broken Access Control in Flatsome = 3.20.5 versions...
CVE-2026-48616
CVE-2026-48616 affects Rocket.Chat Livechat file downloads in multiple legacy branches (versions
SUSE SLES15 Security Update : tomcat11 (SUSE-SU-2026:2374-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2374-1 advisory. This update for tomcat11 fixes the following issues Update to Tomcat 11.0.22: - CVE-2026-41284: Unbounded read in WebDAV LOCK and...
Hermes Web UI 访问控制错误漏洞
Hermes Web UI is a lightweight, dark-themed web interface developed by Nathan Esquenazi. Versions of Hermes Web UI prior to 0.51.358 contained an access control vulnerability. This vulnerability stemmed from improper access control measures, allowing unauthorized remote attackers to initial...
Splunk Cloud Platform和Splunk Enterprise 访问控制错误漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Vulnerabilities in access control...
CVE-2026-41974
Technical details are not publicly available in the provided documents. Monitor for updates from the CVE entry (and Huawei/NVD listings) for affected products, vulnerable components, root cause, and any remediation guidance.
CVE-2026-41973
Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...
EUVD-2026-35341
Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
EUVD-2026-35323
Permission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2026-47670
Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2026-47694
Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability...
Microsoft Visual Studio Code 授权问题漏洞
Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. There is a access control error vulnerability in Microsoft Visual Studio Code. Attackers can exploit this vulnerability to gain higher privileges...
Microsoft PC Manager 权限许可和访问控制问题漏洞
Microsoft PC Manager is a computer management software developed by Microsoft Corporation. It offers features such as one-click acceleration, system space management, pop-up management, and comprehensive health checks. However, Microsoft PC Manager has an access control vulnerability. Attackers c...
Microsoft Windows Secure Boot 权限许可和访问控制问题漏洞
Microsoft Windows Secure Boot is a security boot mechanism developed by Microsoft Corporation. There is an access control error vulnerability in Microsoft Windows Secure Boot. Attackers can exploit this vulnerability to bypass certain features. The following products and versions are affected:...
Flowise 访问控制错误漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a access control vulnerability, which stemmed from a batch assignment vulnerability in the assistant update endpoints. This vulnerability could...