
7 matches found

OSV
added 2026/05/14 4:19 p.m., 0 views

GHSA-HMG2-JJJX-JCP2 FlowiseAI: Vector Store No Permission Checks

FINDING 4: OpenAI Assistants Vector Store - No Auth on CRUD Operations Severity: HIGH CVSS 8.1 Type: CWE-306 Missing Authentication for Critical Function File: packages/server/src/routes/openai-assistants-vector-store/index.ts Description: ALL CRUD endpoints for OpenAI Assistants Vector Store hav...

8.7 CVSS | 5.8 AI score
Exploits 0 | References 4
NVD
added 2025/10/31 8:15 p.m., 4 views

CVE-2025-63562

Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters e.g.,...

6.3 CVSS | 0.0005 EPSS
Exploits 0 | References 1
VulnCheck KEV
added 2024/11/26 12:0 a.m., 2 views

VulnCheck KEV: CVE-2021-41295

ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus authenticated attacker can remotely place a forged request at a malicious web page and execute CRUD commands GET, POST, PUT, DELETE to perform arbitrary operations in the system...

8.8 CVSS | 6 AI score | 0.0017 EPSS
Exploits 1 | References 1
OSV
added 2024/08/06 10:3 p.m., 57 views

GO-2024-3023 Mattermost allows remote actor to create/update/delete posts in arbitrary channels in github.com/mattermost/mattermost-server

Mattermost allows remote actor to create/update/delete posts in arbitrary channels in github.com/mattermost/mattermost-server...

7.1 CVSS | 6 AI score | 0.00092 EPSS
Exploits 0 | References 3
OSV
added 2024/08/01 3:32 p.m., 9 views

GHSA-VG67-CHM7-8M3J Mattermost allows remote actor to create/update/delete posts in arbitrary channels

Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly validate synced posts, when shared channels are enabled, which allows a malicious remote to create/update/delete arbitrary posts in arbitrary channels...

7 CVSS | 6 AI score | 0.00092 EPSS
Exploits 0 | References 4
CNNVD
added 2024/02/29 12:0 a.m., 2 views

IBM Cloud Pak for Automation Security Vulnerability

IBM Cloud Pak for Automation is an intelligent software platform for building automation applications in cloud environments from International Business Machines IBM. The platform uses pre-integrated automation technologies and low-code tools to design, build and run automated applications and...

6.5 CVSS | 6.8 AI score | 0.00079 EPSS
Exploits 0 | References 3
CNVD
added 2020/11/17 12:0 a.m., 6 views

IBM Cognos Controller Elevation of Privilege Vulnerability

IBM Cognos Controller is a suite of business intelligence and planning solutions from IBM in the United States. The product features process automation, financial audit control, and the creation and management of financial reports. IBM Cognos Controller suffers from a security vulnerability that...

8 CVSS | 6.9 AI score | 0.00522 EPSS
Exploits 0 | References 1