Lucene search
K

115 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-53729

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download /exportCenter/download/id, delete /exportCenter/delete, retry /exportCenter/retry/id, or generate download links /exportCenter/generateDownloadUri/id for export tasks belonging t...

8.7CVSS0.00391EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago28 views

CVE-2026-53729 DataEase ExportCenter IDOR allows cross-user export task access

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download /exportCenter/download/id, delete /exportCenter/delete, retry /exportCenter/retry/id, or generate download links /exportCenter/generateDownloadUri/id for export tasks belonging t...

8.7CVSS0.00391EPSS
Exploits0References3
CVE
CVE
added 3 days ago8 views

CVE-2026-53729

DataEase (open source data visualization/analysis tool) contains an IDOR in the ExportCenter area. Before version 2.10.24, an authenticated user could manipulate the task ID to download, delete, retry, or generate download links for export tasks belonging to other users; additionally, the /export...

8.7CVSS5.9AI score0.00391EPSS
Exploits0References3
OSV
OSV
added 3 days ago7 views

PYSEC-2026-1803 pretix has Broken Access Control Allowing Cross-User File Access via UUID

Multiple API endpoints allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only...

7CVSS5.9AI score0.00226EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/03 12:47 p.m.11 views

EUVD-2026-41539

Authorization Bypass Through User-Controlled Key CWE-639 in CalendarDeleteEventController app/Http/Controllers/Calendar/CalendarDeleteEventController.php, exposed at GET /calendar/event/delete/id, in Prospero Flow CRM before 5.5.3 allows a remote, authenticated attacker to delete arbitrary calend...

6.9CVSS6AI score0.00403EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 7:16 p.m.28 views

CVE-2026-7663

Langflow OSS 1.0.0–1.9.6 is affected by an improper authorization vulnerability in the Streamable MCP transport endpoint (/api/v1/mcp/project/{project_id}/streamable) that allows unauthenticated attackers to access protected MCP resources and perform MCP operations. IBM bulletin cites cross‑user ...

9.8CVSS5.8AI score0.00259EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/30 7:16 p.m.46 views

CVE-2026-7663 Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass

IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...

9.1CVSS0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 11:33 p.m.13 views

EUVD-2026-38067

Subsonic API: any authenticated user can delete or read any other user's playlist IDOR...

7.1CVSS5.8AI score0.00168EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 6:17 p.m.3 views

Security Bulletin: Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass

Summary An improper authorization vulnerability in Streamable MCP transport endpoint /api/v1/mcp/project/projectid/streamable allows unauthenticated attackers to bypass project ownership controls and execute Model Context Protocol MCP operations against OAuth-authenticated projects owned by other...

9.8CVSS6.1AI score0.00259EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/23 4:48 p.m.15 views

CVE-2026-54010

CVE-2026-54010 affects Open WebUI prior to version 0.9.6. An authenticated user could attach arbitrary file_id values to their own chat messages without ownership/read checks, and then leverage a forged chat-file link to access or delete the victim’s file via shared-chat authorization. The root c...

8.3CVSS6AI score0.00241EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/06/23 4:30 p.m.23 views

CVE-2026-33760

Langflow (pre-1.9.0) exposes an IDOR/BOLA vulnerability in the /api/v1/monitor router. Seven endpoints (including builds, messages, and transactions) allow read, write, and delete actions on user-owned resources without verifying ownership, enabling an attacker to access or modify another user’s ...

8.8CVSS5.9AI score0.00291EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 3:52 p.m.46 views

CVE-2026-45732 n8n: Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, the OAuth1 and OAuth2 credential reconnect endpoints authorized access using credential:read rather than credential:update. An authenticated user with read-only access to a shared credential could initiate ...

8.3CVSS0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 3:47 p.m.47 views

CVE-2026-54307 n8n: Credential Exfiltration via Permission Bypass

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...

8.5CVSS0.00315EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-51009

Name of the Vulnerable Software and Affected Versions gonic versions prior to 0.21.0 Description An authenticated Subsonic user can bypass ownership checks to read or delete playlists belonging to other users and probe arbitrary file paths on the host for existence or readability. This occurs...

7.1CVSS6.1AI score0.00262EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2026/06/17 2:15 p.m.20 views

Open WebUI: Forged model meta.knowledge allows cross-user file read and deletion

Summary Open WebUI lets a user who can create, update, or import workspace models store arbitrary meta.knowledge entries on their model without checking whether they own or can read the referenced files. Open WebUI then treats meta.knowledge entries of type file as an authorization source in two...

7.1CVSS5.6AI score0.00198EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/17 2:11 p.m.15 views

Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field

summary POST /api/chat/completions accepts an imageurl.url value that, when it does NOT start with http://, https://, or data:image/, is interpreted as a file id and resolved against the global file table with no ownership check. An authenticated user can therefore set imageurl.url to another...

6.5CVSS5.3AI score0.00366EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.21 views

PT-2026-50481

Name of the Vulnerable Software and Affected Versions Open-webui affected versions not specified Description An authenticated user can access files belonging to other users by exploiting a lack of ownership verification in the image processing path. When the POST endpoint "/api/chat/completions"...

6.5CVSS5.9AI score0.00225EPSS
Exploits1References7
CVE
CVE
added 2026/06/10 1:55 p.m.22 views

CVE-2026-53470

CVE-2026-53470 affects migration-planner. An authenticated attacker can exploit an improper access control on /api/v1/sources/{id}/image-url to bypass ownership checks and obtain presigned S3 URLs for other users’ Open Virtual Appliance (OVA) images, potentially downloading images containing long...

9.6CVSS5.5AI score0.0028EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2025-66171

The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and have access to specific APIs can create new VMs using backups of any other user of the...

6.5CVSS5.5AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-45267

Nextcloud is an open source content collaboration platform. Prior to version 5.2.6, a missing permissions check allowed users to request reading form submissions of other users. This issue has been patched in version 5.2.6...

6.5CVSS5.3AI score0.00291EPSS
Exploits0References1
Rows per page
Query Builder